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Microsoft  moves  Microsoft  detailed  a  slew  of  product  Patch  problems  Users  say  patching  software  is  a  dis- 

directions  and  noted  it  will  spend  $6.8  billion  in  R&D  this  year.  PAGE  10.  ruptive,  timoconsuming  process  that’s  only  getting  worse.  PAGE  24. 
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Buyer’s  Guide: 


m 

COLLABORATION 


WINNER 

ribbbon  • 


Test:  Documentum’s  eRoom  comes  out  on  top 
in  our  collaborative  workspaces  review.  Page  35. 

•  Team  up  via  e-mail:  A  quick  look  at  Kubi’s 
e-mail  collaboration  tool.  Page  36. 

•  Before  you  deploy:  Five  questions  to  ask  before  you  roll 
out  collaboration  tools.  Page  37. 


Online 


Buyer's  Guide 


Head  to  Network  World  Fusion  for  a  guide  on  collaboration 
tools  and  Web  conferencing  companies. 

DocFinder:  6482 
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New  EMC  storage  arrays 
promise  replication  gains 


Cisco  I0S  scare 

stirs  questions 


HWe’re  monitoring  this  vulnera¬ 
bility  ...  but  we’re  not  overly 
concerned  about  it.  9  9 


Phil  Go 

CIO,  Barton  Malow 


■  BY  DENI  CONNOR 

EMC  this  week  is  expected  to 
introduce  new  Symmetrix  DMX 
storage  arrays  with  software  that 
the  company  says  will  cut  cus¬ 
tomers’  total  hardware  costs  and 
allow  data  replication  over  any 
distance. 

EMC  declined  to  comment,  but 
sources  say  the  company  will 
announce: 

•  Two  new  DMX  arrays  that  will 
represent  the  bottom  and  the 
top  of  EMC’s  product  line. 
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•  Technology  that  allows  asyn¬ 
chronous  replication  of  data 
between  storage-area  networks 
over  unlimited  distances  for  dis¬ 
aster  recovery  and  increased 
data  availability. 

•  ISCSI  protocol  support  to 
enable  the  transport  of  SCSI 
data  over  Gigabit  Ethernet  net¬ 
works. 

•  Fiber  Connectivity  (FICON) 
capability  which  allows  attach¬ 
ment  of  storage  to  mainframe 
servers. 

See  EMC,  page  55 


■  BY  PHIL  HOCHMUTH 

A  serious  vulnerability  in 
Cisco’s  IOS  software  has  yet  to 
yield  publicly  disclosed  exploits, 
but  the  incident  does  punctuate 
the  difficulty  of  properly  main¬ 
taining  iOS-based  gear  —  espe¬ 
cially  for  those  running  older 
versions,  experts  say. 

it  also  has  amplified  concerns 
that  Cisco  might  be  trying  to 
make  IOS  do  too  much. 

Cisco  notified  customers  July 
16  that  had  it  discovered  a  flaw 
affecting  all  devices  running  IOS 
software,  whereby  an  attacker 
could  disable  a  router  by  send¬ 


ing  specially  crafted  IPv4  pack¬ 
ets  to  the  device.  The  next  day 
Cisco  posted  a  patch  —  which 
requires  a  router  to  come  offline 
temporarily  while  rebooting  — 
and  a  separate  work-around  that 
can  be  deployed  without  restart¬ 
ing  equipment. 

■  Merrill  Lynch  swaps  out  Cisco 
VoIP  gear  for  Avaya.  Page  10. 


On  July  18,  it  was  reported  that 
ready-made  code  written  to 
exploit  the  IOS  flaw  was  circulat¬ 
ing  the  Internet  and  could  be 
used  by  fairly  unsophisticated 
users  to  crash  routers. 

However,  no  ISPs  or  companies 
have  reported  being  hit  as  a 
result  of  the  Cisco  vulnerability. 

See  Cisco,  page  55 


DNS  is  busting  out  all  over 


Devii  in  the  details 

DNS  configuration  errors  have  declined  over  the  past  five 
years  but  continue  to  expose  companies  to  potential  disasters 
such  as  losing  e-mail  service.  As  DNS  becomes  a  foundation 
for  other  applications  such  as  telephony,  those  errors  likely 
will  continue  to  expose  vulnerabilities. 


%  of  DNS  servers  misconfigured 


60 


’98  1999  2000  2001  2002  '03 

SOURCE:  MEN  &  MICE  QUARTERLY  DNS  STUDY 


New  uses  continue  to  be  found 
for  20-year-old  ’Net  technology. 

■  BY  JOHN  FONTANA 

After  20  years  as  one  of  the  cornerstones  of  the 
Internet,  DNS  is  being  tapped  to  revolutionize  cor¬ 
porate  supply  chains,  IP  telephony  real-time  com¬ 
munications  and  security. 

DNS  is  being  used  to  support  two  hot  emerging 
technologies,  radio  frequency  identification 
(RFID),  which  is  expected  to  slash  costs  and 
streamline  corporate  supply  chains,  and  the  pro¬ 
posed  IETF  standard  called  Electronic  Numbering 
(Enum),  which  promises  to  marry  the  PSTN  to  IP 
networks.  DNS  also  is  being  adopted  for  IPv6  and 
could  provide  a  foundation  for  a  new-fanglet 
public-key  infrastructure  (PKI)  system  and  to  Ik 
combat  Internet-based  identity  theft. 

See  DNS.  page ' 
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Introducing  Microsoft  Windows  Server  2003.  Do  more  with  less. 


You're  being  asked  to  do  more.  You’re  being  asked  to  do  it  with  less.  Microsoft  Windows  Server  2003  is  designed  to 
help  you  manage  these  opposing  forces  with  powerful  server  consolidation  capabilities  that  increase  efficiency,  decrease 
man-hours,  and  lower  your  total  cost  of  ownership.  Download  your  free  evaluation  copy  of  Windows  Server  2003 
at  microsoft.com/windowsserver2003  Software  for  the  Agile  Business. 

Information  Resources,  Inc.  (IRI)  manages  over  122  terabytes  of  data  to  provide  consumer  behavior  insights,  advanced  analytics,  and 
decision  analysis  tools  for  some  of  the  largest  consumer  packaged  goods,  healthcare,  retail,  and  financial  companies  in  the  world.  To  meet 
increasing  demand  for  faster,  more  granular  business  intelligence  while  reducing  costs,  IRI  is  using  64-bit  editions  of  Windows  Server 
2003  and  SQL  Server  2000  on  an  Intel  Itanium  2  system  to  deliver  faster  answers  to  its  customers.  The  result?  IRI  will  be  able  to  process 
more  queries,  using  a  fraction  of  the  number  of  servers  while  realizing  significant  cost  savings  and  improving  customer  service. 
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Windows  Server  2003 


There  are  places  where  you  can  have 

I  m 

QCC6SS  while  drinking  a  latte. 
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Th  is  isn't  one  of  them 


I  No  Wi-Fi?  You're  Covered. 


ft  '  You  won't  always  be  near  a  Wi-Fi  "hot  spot."  That's  why  enterprise  mobility  applications  based  on  3G  CDMA  wireless  networks 

are  revolutionizing  business  in  ways  that  Wi-Fi  can't.  Offering  ubiquitous  coverage  and  speeds  better  than  landline  dial-up, 

MS'-  y ' \\ : . 

you'll  have  instant  access  to  everything  behind  your  corporate  firewall.  Best  of  all,  you  won't  be  limited  by  "hot  spot"  availability 
Remember,  not  all  wireless  technologies  are  created  equal.  To  find  out  what  the  differences  are,  ask  your  wireless  provider 

t  whether  they  offer  true  nationwide  3G  services. 
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■  10  Merrill  Lynch  swaps  out  Cisco  VoIP  gear  for  Avaya. 

■  10  Microsoft  hanging  its  hat  on  Longhorn  server,  client. 

■  10  Tech  heavyweights  tip  the  scales  for  offshore  outsourcing. 

■  12  Dell  scraps  eight-way  line,  pushes  clustering. 

■  12  Secure  Sockets  Layer:  Too  much  of  a  good  thing? 

■  14  Bluetooth  gets  greasy  and  gritty. 


Infrastructure 

■  17  Foundry  adds  load-balancing, 
security  features. 

■  17  Start-up  offers  InfiniBand 
iSCSI  router. 

■  18  IBM  adds  grid  computing  to 
WebSphere. 

■  18  Dave  Kearns:  A  Web 

service  you  can  use. 


Technology  Update 

■  27  IPSs  instantly  grant  or  deny 
access. 

■  27  Steve  Blass:  Ask  Dr. 

Internet. 

■  28  Mark  Gibbs:  Sharing 
with  Samba. 

■  28  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 


Enterprise 

Applications 

■  21  Spam  technology  seeks 
acceptance. 

■  21  BMC  lightweight  management 
software  gains  some  heft. 

■  22  Scott  Bradner:  A 

modest  security  proposal. 

■  24  Special  Focus:  Patch 
management  burdens  customers. 

Service  Providers 


Opinions 

■  32  Editorial:  Looking  for 
innovation  that  matters. 

■  33  Peter  Tippett:  Security 
is  not  a  quilt,  so  let's  patch  less. 

■  33  Frank  Dzubeck:  Carrier 
services:  A  public  utility? 

■  56  BackSpin:  The  jackals  of 

IT. 

■  56  ’Net  Buzz:  Gartner  survey 
looks  to  be  a  case  of  mistaken 
identity-theft  figures. 


■  25  Sprint  throws  hat  into  Wi-Fi 
service  arena. 

■  25  FiberLink  serves  up  SSL 
remote  access. 

■  26  Johna  Till  Johnson: 

In  search  of  elusive  telco  cost 
savings. 


Management 

Strategies 

■  41  Call  in  the  security  auditors: 
Independent  SAS  70  audits  could 
show  you  how  secure  data  is  with 
your  service  provider. 


Sony's  new  Clie 
PDA  conies  with 
802.11b  Bluetooth 
technologies. 

Page  28. 


|  Features 

Review:  Collaborative  Workspaces 

Documentum's  eRoom  wins  Blue  Ribbon  Award  for  its  cool  virtual  team  space. 

Page  35. 

Tester’s  Choice 

David  Newman  checks  in  with  his  first  impression  of  wireless  LAN  switch  testing. 

Page  38. 

Feature:  VoIP  unwired 

Voice  and  wireless  LANs  might  seem  like  an  odd  coupling,  but  for  some  compa¬ 
nies  it  might  just  be  the  perfect  combination. 

Page  39. 
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Interactive 

Collaboration  tools  and  Web  conferencing 
Buyer’s  Guides 

Our  newest  Buyer's  Guides  offer  detailed  specs  on  products  from  12  col¬ 
laboration  and  20  Web  conferencing  vendors,  and  let  you  compare  them 
on  a  variety  of  criteria.  DocFinder:  6938 

Are  you  making  what  you’re  worth? 

Plug  some  information  about  your  background,  skills  and  job  into  our 
Salary  Calculator,  and  well  tell  you  what  you  should  be  making  when  com¬ 
pared  with  your  peers.  One  note:  The  data  you  enter  is  not  stored  per¬ 
manently.  It's  kept  in  RAM  only  long  enough  to  calculate  your  expected 
salary  and  total  compensation.  DocFinder:  6821 

Wireless  Wizards 

In  our  newest  Fusion-exclusive  column,  each  week  our  Wizards  will  answer 
your  tough  enterprise  wireless  questions.  This  week  they  help  Stuart  in 
Ithaca,  who's  wondering  if  his  current  access  points  will  work  with  next- 
generation  switches.  DocFinder:  6939 

I  Seminars  and  events 

The  New  Data  Center  Powering  the  Enterprise 

The  data  center  is  the  driving  force  of  the  enterprise,  rising  to  take  con¬ 
trol  through  consolidation  and  virtualization,  automation  and  efficiency.  If 
your  data  center  isn’t  fully  metered,  accountable  and  effective,  don't  miss 
this  Network  World  Technology  Tour  event.  The  event  is  Tree  to  qualified 
professionals.  DocFinder:  6646 

■  CONTACT  US  NetworkWorid,  118Turnpike  Road,  Southborough, 

MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438; 

E-mail:  nwnews@nww.com;  STAFF:  See  the  masthead  on  page  14 
for  more  contact  information.  REPRINTS:  (717)  399-1900 
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Columnists 


The  Multimedia  Exchange 

Wainhouse  Research  Summit  2003 
Multimedia  Editor  Jason  Meserve  attended  the  summit  last 
week  and  offers  up  the  latest  news  and  analysis  from  experts 
on  videoconferencing,  Web  conferencing  and  streaming. 

DocFinder:  6940 

Telework  Beat 

Telework  on  the  upswing 

Net.Worker  Editor  Toni  Kistnor  explores  a  new  AT&T  survey 
that  predicts  high  telework  growth  in  two  years. 

DocFinder:  6941 

Small  Business  Tech 

New  apps  teach  Outlook  new  tricks 

Columnist  James  Gaskin  tries  some  add-ins  that  provide  a 

collaborative  workspace  and  enhanced  cell  phone  links. 

DocFinder:  6942 


Breaking  News 

Come  online  for  exclusive  breaking  news  every  day. 

DocFinder:  6342 

Free  e-mail  newsletters 

Sign  up  for  any  of  moro  than  40  free  e-mail  newsletters  on 
key  network  topics.  DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 


The  Good  hi  Bad  u  Ugly 


NetworkWorld 
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■  According  to  The  Management  Network  Group,  a  research  and 
consulting  firm,  a  large  number  of  businesses  plan  to  switch  wire¬ 
less  service  providers  once  wireless  number  portability  goes  into 
effect  in  November.  Based  on  new  regulations,  wireless  service 
providers  will  be  required  to  let  customers  switch  to  a  new  carrier 
while  holding  on  to  their  wireless  telephone  numbers. TMNG  says 
24%  of  businesses  with  more  than  500  employees  are  ready  to 
switch  to  new  providers  once  wireless  number  portability  is  avail- 
able.Twelve  percent  of  users  say  they  will  make  the  move  within  90 
days.  The  study  is  based  on  100  telephone  interviews  with  users 
who  make  buying  decisions  for  their  companies. 

SCO  offers  new  litigation  shield 

■  The  SCO  Group  has  opened  another  chapter  in  its  fight  to  protect  its  ownership  of  the 
Unix  System  V  source  code,  calling  on  Linux  customers  to  buy  UnixWare  licenses  from 
SCO  in  order  to  protect  themselves  from  future  litigation  based  on  copyright  violations. 
Last  week,  the  company  announced  it  had  received  copyrights  for  the  Unix  System  V 
source  code,  giving  it  “broad  legal  rights  against  end  users  with  respect  to  infringing  use 
of  Linux.”  The  move  expands  SCO’s  legal  battle,  which  began  earlier  this  year  when  it  sued 
IBM  for  $3  billion  for  allegedly  misappropriating  protected  Unix  code  into  its  version  of 
Unix,  AIX.lt  then  accused  IBM  of  contributing  the  protected  code  to  Linux.  Dari  McBride, 
SCO’s  president  and  CEO,  says  the  advanced  symmetric  multiprocessing  capabilities  of 
Linux  2.4  were  ported  illegally  from  its  Unix  System  V  code.  He  says  users  of  Linux  2.4  and 
later  versions  who  purchase  a  run-time  binary  UnixWare  license  will  be  held  harmless  of 
any  future  actions  for  use  of  Linux.  Pricing  for  the  license  was  not  specified.  (See  related 
story,  page  56.) 


Beyond  book  covers.  The  'Net  might  be  a  treasure  trove  of 
information,  but  to  date  that  bounty  has  been  conspicuously  lacking  in  a  most 
important  source  of  knowledge:  the  actual  text  of  books.  That  may  soon  change, 
according  to  The  New  York  Times ,  which  reports  that  Amazon.com  is  negotiating 
with  publishers  to  provide  a  searchable  online  archive  of  tens  of  thousands  of 
nonfiction  books. 


Handhelds  slip.  Worldwide  shipments  of  handheld  devices  plummeted 
10.7%  in  the  second  quarter,  according  to  IDC,  which  blames  tight  budgets  and 
a  lack  of  compelling  new  applications  for  the  drop-off.  Palm  continues  to  pace  the 
market  with  an  almost  40%  share. 


BRIAN  6AIDRY 


Risky  business. 

And  people  worry  about  using 
public  toilets?  A  New  York 
man  last  month  pleaded  guilty 
to  charges  arising  from  his 
secretly  having  installed  on 
public  terminals  at  more  than 
a  dozen  Kinko's  stores 
software  that  captures 
individual  keystrokes.  He 
grabbed  personal  identification 
information  from  about  450  users 
and  opened  bank  accounts  using 
the  data.  Experts  call  the  crime  a 
growing  menace  at  Internet  cafes.  > 


posted  to  the  Internet  by  an  activist.  Avi  Rubin,  technical  director  of  the  Information 
Security  Institute  at  Johns  Hopkins  University,  says  the  code  shows  a  voter  easily  could 
trick  the  machine  into  accepting  more  than  one  ballot  per  voter.  Another  researcher,  Dan 
Wallach,  assistant  professor  of  computer  science  at  Rice  University  echoed  the  findings, 
which  have  been  issued  in  a  technical  report  (see  details  at  www.nwfusion. 
com,  DocFinder:  6949), saying  the  country  needs  to  have  extensive  independent  security 
evaluation  of  all  electronic  voting  machines  on  the  market.  Diebold’s  response  was  that 
the  company  would  “reserve  judgment  on  the  researchers’  fundamental  conclusions,” and 
Diebold  noted  that  the  researchers  themselves  acknowledged  they  could  not  be  sure  the 
code  was  actually  from  Diebold. 


Microsoft  adds  legal  protections 

■  Microsoft,  which  has  been  tweaking  its  new  licensing  program  since  it  went  into  effect 
more  than  a  year  ago,  is  at  it  again. The  company  has  altered  the  indemnity  provisions  of 
its  software  license  so  that  it  will  be  liable  if  a  customer  gets  sued  because  of  Microsoft 
products.  In  the  past,  Microsoft  would  accept  liability  only  up  to  the  amount  the  customer 
had  spent  on  the  software.  Microsoft  also  increased  software  warranties  to  a  year  from  90 
days,  and  said  it  would  give  customers  30  days’  notice,  instead  of  just  15,  before  conduct¬ 
ing  software  audits. The  changes  took  effect  March  1. 

Researchers  say  voting  machine  vulnerable 

■  Researchers  are  heaping  criticism  on  electronic  voting  machines  built  by  Diebold 
Election  Systems  after  examining  software  code  for  the  machines  said  to  have  been 


Building  an  intranet 

After  several  weeks  of  playing  around  with  various  collaborative  tools,  such  as  TWiki, 
we've  settled  on  Movable  Type  as  the  platform  for  our  new  intranet  It's  a  lot  more 
flexible  than  you  might  think  at  first  and  because  we  already  use  it  there's  a 

shorter  learning  curve.  Read  more  at  www.nwfusion.com,  DocFinder:  6928. 


Novell  set  to  ship  NetWare  6.5 

■  Novell  last  week  announced  that  it  would  ship  the  next  version  of  its  flagship  operat¬ 
ing  system  Aug  15.  NetWare  6.5  will  include  a  Java  2  Platform  Enterprise  Edition  and 
Tomcat  application  server,  open  source  applications  such  as  the  Apache  Web  server  and 
MySQL  database,  and  Perl  and  PHP  development  environments.  In  addition,  Novell  is 
bundling  its  Nterprise  Branch  Office  and  Virtual  Office  technologies  in  NetWare  6.5.  A 
100-user  license  will  sell  for  $18,400. 

HP,  IBM  and  Sun  ready  security  gambit 

■  HR  IBM  and  Sun  are  allying  with  three  security  providers  next  week  to  announce 
an  open  standards  initiative  for  safe  computing.  Although  the  vendors  did  not  provide 
details  of  the  initiative  in  an  invitation  to  an  Aug.  5  conference  call  on  the  subject, 
Gartner  analyst  John  Pfescatore  says  the  announcement  centers  on  the  adoption  of  a 
technology  that  lets  companies  monitor  changes  made  to  software  on  servers. 
Pfescatore  says  he  previously  was  briefed  on  the  subject  and  that  the  initiative  will 
bring  technology  from  Tripwire  to  HR  IBM  and  Sun’s  server  products. The  announce¬ 
ment  is  being  made  with  Tripwire,  RSA  Security  and  InstallShield  Software.  Tripwire 
develops  technology  that  uses  digital  fingerprints  and  is  designed  to  let  companies 
see  if  software  on  their  servers  has  been  changed.  RSA  will  make  the  digital  signa¬ 
tures,  and  Tripwire  will  provide  the  signature  database.  InstallShield  provides  software 
that  enables  distribution  and  management  of  software  and  digital  content. 


PHYSICIANS  TAKE  THE 

HIPPOCRATIC  OATH- 

JUDGES  TAKE  A 
CONSTITUTIONAL  OATH. 

WHAT  ABOUT 
SOFTWARE  MAKERS? 


As  the  world’s  leading  provider  of  business  application 
software,  we  have  an  enormous  responsibility  to  you,  our 
customers.  After  all,  you’ve  entrusted  your  business’s  future  to 
our  products  —  and  our  reputation.  So  we’d  like  to  take  a  few 
moments  to  define  our  commitment  to  you.  It’s  not  exactly  an 
oath.  But  for  us,  it’s  written  in  stone. 

SOFTWARE  THAT  WORKS 

We  don’t  rush  SAP®  solutions  into  the  marketplace.  They’re 
engineered  for  stability  and  reliability,  then  tested  and  retested 
to  ensure  it.  Which  makes  them  the  perfect  choice  for  mission- 
critical  business  processes. 

Altogether,  we  spend  more  than  $1  billion  a  year  on  re¬ 
search  and  development.  Think  of  it  as  an  investment  in  your 
peace  of  mind. 

OPTIONS  THAT  PROTECT  YOUR  INVESTMENT 

We’re  constantly  looking  for  new  ways  to  help  you  reduce 
costs  and  limit  your  financial  risk. 

Here’s  one  way:  our  breakthrough  open  technology 
platform,  SAP  NetWeaver”.  It  enables  you  to  make  use  of  your 
existing  software  investments,  plus  choose  any  software  you 
want  in  the  future  —  SAP  or  non-SAP.  The  result:  significantly 
lower  integration  costs,  as  well  as  lower  total  cost  of  ownership. 

SOLUTIONS  THAT  FIT  YOUR  BUSINESS 

What  does  a  small  pharmaceutical  manufacturer  have  in 
common  with  a  huge  financial  services  company?  Frankly,  not 
a  lot.  Which  is  why  we  offer  customized  solutions  for  23  differ¬ 
ent  industries,  as  well  as  solutions  scaled  specifically  for  small 
and  midsize  businesses.  After  all,  you  want  solutions  that  fit, 
not  almost  fit. 


SERVICE  THAT’S  SECOND  TO  NONE 

Even  the  best  software  is  useless  without  top-notch 
support.  So  we’ll  always  stand  behind  you.  In  fact,  130,000 
consultants  will  be  behind  you.  It’s  called  the  SAP  Customer 
Services  Network. 

They  can  help  you  strategically  plan  for,  implement, 
operate,  and  continually  improve  solutions.  Their  goal  is  to 
maximize  your  return  on  investment  and  help  you  realize 
your  objectives  faster  than  ever. 

A  PROMISE  THAT  WE  LL  BE  HERE 

We’ve  been  in  business  for  over  31  years.  Today,  29,000  of 
our  employees  are  servicing  19,600  customers  in  120  countries.  As 
you  can  probably  deduce  from  those  numbers,  we’re  committed 
to  being  your  trusted  partner  for  the  long  term.  Evidently,  that 
commitment  has  not  gone  unnoticed.  As  BusinessWeek  Online 
recently  commented:  “In  a  world  where  being  safe  is  sexy, 
SAP  may  be  the  biggest  eye-catcher  on  the  block.” 

FEEL  LIKE  TALKING? 

Lately,  there’s  been  a  lot  of  turmoil  in  our  industry. 
Hopefully,  you  haven’t  been  affected. 

But  if  you  are,  you  should  know  that  you  have  an  alter¬ 
native:  a  company  whose  main  priority  is  its  customers’  needs; 
a  company  that  places  the  utmost  importance  on  relationships; 
a  company  that  will  be  here  for  you. 

If  you’d  like  to  talk  to  that  company,  call  us  at  1 800  940 1727 
or  visit  sap.com/commitment 


THE  BEST-RUN  BUSINESSES  RUN  SAP 
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Merrill  Lynch  swaps  Cisco  VoIP  gear  for  Avaya 


■  BY  PHIL  HOCHMUTH 

VoIP  early  adopter  Merrill 
Lynch  last  week  said  it  was  tak¬ 
ing  out  large  Cisco-based  IP  tele¬ 
phony  installations  at  campuses 
in  New  Jersey  and  Tokyo  and 
replacing  them  with  a  mix  of  IP 
and  traditional  telephony  gear 
from  Avaya. 

The  move  comes  after  IT 
executives  at  Merrill  —  which 
adopted  Ciscos  VoIP  in  2000  — 
“became  increasingly  con¬ 
cerned  about  putting  all  of  our 
eggs  in  one  basket,”  according  to 


a  Merrill  Lynch  spokesman 
involved  in  the  project. 

“If  we  were  to  move  to  an  IP- 
only  telephony  network,  then  a 
successful  attack  on  our  IP  net¬ 
work  would  leave  us  without 
both  voice  and  data,”  the 
spokesman  says.  The  move  is 
part  of  a  global  IT  policy  to  push 
forward  with  IP  telephony  but 
have  TDM  voice  as  a  backup, 
he  added. 

To  accomplish  this,  Merrill 
Lynch  plans  to  pull  out  Cisco 
CallManager  IP  PBXs  and  IP 
phones  and  deploy  Avaya  S8700 


media  servers,  which  can  switch 
calls  for  IP  and  TDM  —  a  feature 
Merrill  Lynch  wanted  to  ensure 
backup.  Avaya  PBXs  already  are 
used  at  some  Merrill  Lynch  sites. 

Merrill  Lynch  says  the  move  to 
dual  IP/TDM  voice  would  have 
been  hard  to  accomplish  with 
voice  gear  that  worked  only  in  an 
IP  environment. 

“The  problem  for  us  today  was 
that  the  Cisco  IP  handset  was 
specific  to  a  particular  [IP  teleph¬ 
ony]  switch,”  the  Merrill  Lynch 
spokesman  says.“You  cannot  mix 
Cisco  handsets  and  Avaya  [TDM] 


switches,  and  vice  versa.That  gave 
us  no  choice  but  to  replace  the 
Cisco  handsets.” 

Cisco  did  not  answer  a  request 
for  comment  on  the  new  Merrill 
Lynch  strategy 

The  Merrill  Lynch  spokesman 
says  the  mixed  Avaya  environ¬ 
ment  will  give  the  company  the 
flexibility  of  IP  telephony  with  tra¬ 
ditional  phones  available  as  a 
backup. 

By  year-end,  the  company 
plans  to  migrate  a  majority  of 
5,800  employees  at  its  Hopewell, 
N.J.,  campus  and  1,800  workers 


at  its  Tokyo  regional  headquar¬ 
ters  to  Avaya  IP  handsets,  but 
with  some  Avaya  TDM  phones 
mixed  in. 

The  spokesman  says  that  a 
“doubling  of  attacks”  on  the 
firms  IP  network  over  the  last  18 
months  prompted  rethinking  of 
the  firms  IP  convergence  stra¬ 
tegy.  He  did  not  elaborate  about 
the  attacks. 

“The  main  thing  to  get  across  is 
that  this  was  not  a  vendor-prefer¬ 
ence  decision  at  all,”  the  spokes¬ 
man  says.  “This  is  basically  risk- 
assessment-driven.”  ■ 


Microsoft  hanging  its  hat  on  Longhorn  server,  client 


■  BY  JOHN  FONTANA 

Microsoft  last  week  finally 
acknowledged  that  it  was  devel¬ 
oping  a  server  version  of  its 
Longhorn  operating  system  and 
said  the  evolution  of  its  next-gen¬ 
eration  enterprise  software  lineup 
would  be  integrated  around  both 
the  client  and  server  version  of 
that  operating  system. 

“Longhorn  is  the  next  genera¬ 
tion;  it’s  a  big  bet  for  us,”  said  Bill 
Gates,  Microsoft’s  chairman  and 
chief  software  architect,  at  the 
company’s  annual  meeting  with 
financial  analysts.  It’s  the  latest  in 
a  series  of  bets  Microsoft  has 
made.  Gates  said  Microsoft  was 
committing  $6.8  billion  to  re¬ 
search  and  development,  an  8% 
increase  over  last  year. The  figure, 
however,  includes  employee 
stock  compensation,  which 
replaced  the  stock  options  pro¬ 
gram  earlier  this  month. 

“It’s  clearly  many  years  of  work 
that  we’re  engaging  in, ’’Gates  said. 
“Longhorn  is  not  just  a  release  of 
the  Windows  client,  it’s  also  a 
release  where  in  the  same  time 
frame  you’ll  have  advances  in 
Office,  our  server  products. 
Virtually  everything  at  Microsoft  is 
synchronized  to  build  on  this 
platform  and  take  advantage  of 
that.” 

The  synchronization  means 
slippage  in  the  development  of 
any  of  the  new  software  could 
mean  delays  in  the  entire  plat¬ 
form.  CEO  Steve  Ballmer,  ac¬ 
knowledged  that  was  a  risk  in  the 
Longhorn  integration  efforts. 

Gates  said  the  company  does 
not  have  a  time  frame  for  deliver¬ 
ing  on  its  efforts.  He  said  some  of 
the  advancements  related  to 
Longhorn  would  come  before 


the  shipment  of  the  operating  sys¬ 
tem,  which  is  planned  for  2005.  A 
beta  is  scheduled  for  next  year. 

The  advancements,  most  of 
which  have  been  announced, 
include  a  platform-wide  manage¬ 
ment  infrastructure,  an  integrated 
file  system  called  WinFS,  work- 
flow  that  incorporates  business 
process  and  employee  interac¬ 
tion,  business  intelligence,  user 
interface  additions  and  the  evolu¬ 


tion  of  the  .Net  Web  services  plat¬ 
form  code-named  Indigo. 

Gates  offered  one  caveat, saying 
the  linchpin  is  the  company’s 
Trustworthy  Computing  program, 
which  took  a  hit  this  month  with 
the  discovery  of  a  critical  vulner¬ 
ability  in  Windows  Server  2003. 
The  operating  system  was  the  first 
developed  under  the  initiative, 
which  began  in  January  2001  to 
secure  Microsoft’s  source  code. 


“Trustworthy  Computing,  that’s  a 
piece  that  we’ve  got  to  get  right  or 
all  the  other  advances  won’t 
really  matter]’ Gates  said. 

The  biggest  advancement  is  the 
Longhorn  server,  which  is  needed 
to  support  the  emerging  manage¬ 
ment  platform  and  the  distrib¬ 
uted  WinFS  file  system. 

Eric  Rudder,  senior  vice  presi¬ 
dent  of  the  company’s  server  and 
tools  business,  laid  out  the  prod¬ 


uct  road  map  for  this  fiscal  year, 
which  began  July  1.  It  includes 
many  products  already  expected 
as  follow-ons  to  Win  2003,  includ¬ 
ing  ShareFbint  Services  and  the 
newly  re-named  Microsoft  Office 
Live  Communications  Server 
2003,  which  was  code-named 
Greenwich.  Rudder  also  said 
Microsoft  is  developing  an  appli¬ 
cation  called  Audit  Collection 
System.  ■ 


Heavyweights  tip  scales  for  offshore  outsourcing 


■  BY  DENISE  DUBIE 

The  news  last  week  that  IBM  might  out¬ 
source  some  U.S.  white-collar  jobs  overseas 
has  thrown  fuel  on  a  smoldering  fire. 

While  IBM  contends  it  has  no  formal  plans 
to  shift  jobs,  an  employee  activist  organiza¬ 
tion  leaked  to  The  New  York  Times  a  record¬ 
ing  of  a  conference  call  among  IBM  execu¬ 
tives  discussing  just  that. 

The  Washington  Alliance  of  Technology 
Workers  in  Seattle  passed  the  recording  to 
the  newspaper  and  to  Alliance  at  IBM,  an 
Endicott,N.Y,  activist  organization  of  current 
and  former  IBM  employees.  While  IBM 
denied  any  plans,  the  Washington  Alliance 
says  the  recording  has  Tom  Lynch,  IBM’s  glob¬ 
al  employee  relations  director, saying  shifting 
jobs  would  raise  concerns  among  govern¬ 
ment  officials  worried  about  the  lagging  U.S. 
economy  and  out-of-work  IT  professionals. 

“Some  of  the  reaction  to  this  is  hype,  but 
there  is  a  move  toward  doing  more  offshore 
outsourcing,”  says  Carrie  Lewis,  a  senior  ana¬ 
lyst  in  technology  management  strategies  at 
The  Yankee  Group.  She  says  that  offshore 
companies  expanding  their  service  offerings, 
along  with  the  reduced  cost  outsourcing  rep¬ 
resents,  could  have  more  companies  moving 
positions  outside  of  their  core  business  com¬ 
petencies  to  overseas  locations. 

Microsoft  and  HP  also  recently  moved  IT 


positions  to  operations  in  India.  The  Wash¬ 
ington  Alliance  reported  in  November  that 
Bill  Gates  said  Microsoft  would  invest  $400 
million  over  the  next  three  years  to  expand 
its  activities  in  India,  $100  million  of  which 
would  go  to  its  facility  in  Hyderabad.  And  HP 
shifted  1,200  Compaq  customer  service  jobs 
from  Florida  to  the  exist¬ 
ing  HP  center  in  India. 

So  even  though  the  IBM 
discussion  is  in  keeping 
with  industry  trends,  the 
news  could  represent 
something  of  a  tipping 
point  and  lead  to  an  IT 
employment  backlash, 
says  William  Martorelli, 
vice  president  at  Giga 
Research. 

“People  seem  to  have 
taken  this  IBM  story  as  a 
key  signal  that  things 
have  really  changed,”  he 
says.“It  does  mark  a  struc¬ 
tural  change  within  a 
company,  and  it’s  more  likely  a  permanent 
change  for  companies  looking  to  up  their 
competitive  advantage." 

The  Information  Technology  Association  of 
America  in  May  reported  the  results  of  a  sur¬ 
vey  that  showed  22%  of  respondents  have 
moved  work  offshore  and  15%  have  opened 


operations  overseas. 

Forrester  Research  estimates  about  3.3  mil¬ 
lion  U.S.services  jobs.or  about  $136  billion  in 
wages,  will  be  located  in  countries  such  as 
India,  Russia,  China  and  the  Philippines  by 
2015,  with  the  IT  industry  .leading  the  mass 
offshore  exodus. 

Traditionally,  the  type  of 
jobs  sent  overseas  didn’t 
threaten  the  U.S.  high-tech 
employees,  but  Yankee’s 
Lewis  says  offshore  com¬ 
panies  are  expanding 
their  service  offerings  to 
try  to  cash  in  on  more  out¬ 
sourcing  opportunities 
from  the  U.S.  While  it  will 
take  at  least  two  to  three 
years  before  foreign  com¬ 
panies  can  equal  the  out¬ 
sourcing  services  avail¬ 
able  in  U.S.  today,  the  threat 
of  losing  more  IT  jobs  still 
exists. 

“As  the  offshore  compa¬ 
nies  try  to  move  upstream  and  add  deeper 
services,  they  could  potentially  begin  to 
move  into  higher-skilled  positions,” 
Lewis  says. 

IDG  News  Service  Correspondent  Stacy 
Cowley  contributed  to  this  story. 


Job  flight 

U.S.  employers  will 
have  about  3.3  million 
white-collar  service 
jobs  and  $136  billion  in 
wages  overseas  in  2015, 
up  from  $4  billion  by 
2000,  according  to  a 
November  2002  study 
by  Forrester  Research. 


im-  •  : 


You  Never  Know  When  It's  Their  Time  To  Go 


ConsoleWorks™ 

Independent  of  the  network, 
ConsoleWorks  is  connected  via 
a  serial  or  network  console  port 
to  continuously  monitor,  audit  and 
log  information  about  the  health 
of  each  network  component. 


A  server  on  your  network  is  dead  and  you  are  scrambling  to  locate  the  source  of  the  problem. 
But  your  terminal  server  doesn't  know.  And  your  agent  can't  help  you.  Now  you've  lost  critical 
data.  With  ConsoleWorks™  from  TDi,  you  know  immediately  what  the  problem  is.  Implement 
the  ConsoleWorks  secure,  Web-based  solution  within  days  and  manage  your  entire  enterprise 
-  servers,  SAN,  network  devices,  storage  controllers,  and  applications  like  MS  Exchange  and 
Oracle.  Implement  ConsoleWorks  as  a  stand-alone  solution  or  integrate  it  with  HP  OpenView, 
BMC  Patrol,  CA  Unicenter,  and  more.  Contact  us  at  +1.800.695.1258  or 
visit  us  at  www.tditx.com/netad.  So  next  time  your  server  dies,  your 
business  won't  get  buried.  See  us  at  HPWorld  -  booth  #439. 

+  1.800.695.1258  I  www.tditx.com  Development 


ConsoleWorks  is  a  registered  trademark  of  TECSys  Development,  LP.  MS  Exchange  is  a  registered  trademark  of  Microsoft  Corp.  BMC  Patrol  is  a  registered  trademark  of  BMC 
Software,  HP  OpenView  is  a  registered  trademark  of  Hewlett-Packard,  and  CA  Unicenter  is  a  registered  trademark  of  Computer  Associates  International. 
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Del!  scraps  eight-way  line,  pushes  clustering 


Each  has  advantages 

Should  you  be  scaling  up  or  scaling  out?  Some  things  to 
think  about: 


■  BY  JENNIFER  MEARS 

While  eight-way  Intel  boxes  run¬ 
ning  database  and  transactional 
applications  remain  a  staple  in 
most  large  data  centers,  Dell’s 
decision  to  scrap  its  high-end  line 
of  eight-processor  servers  last 
week  highlights  an  evolving  trend 
toward  clustering  low-end  boxes, 
analysts  say 

Dell  said  it  would  shelve  its 
eight-way  product  line,  although 
it  will  continue  servicing  its  cur¬ 
rent  FbwerEdge  8450  customers 
through  the  foreseeable  future. 
The  move  is  in  line  with  a  strategy 
Dell  articulated  in  the  spring  to 
help  customers  cut  server  costs 
by  encouraging  them  to  use  clus¬ 
ters  of  lower-priced  Intel  boxes  to 
get  the  processing  power  of  more 
expensive,  bigger  boxes. 

“IDC’s  belief  is  that  a  long-term 
trend  in  the  industry  is  to  be  able 
to  couple  together  groups  of 
smaller-scale  systems  like  four¬ 
way  or  two-way  servers  to  accom¬ 
plish  a  lot  of  the  tasks  that  bigger 
traditional  [symmetric  multipro¬ 
cessing]  systems  could  only  do,” 
says  Mark  Melenovsky  an  analyst 
at  IDC. 

Not  that  this  spells  trouble  for 


big  SMP  boxes.  Both  IBM  and  HP 
are  committed  to  their  eight-way 
Intel  server  businesses  and  say 
that  they  are  seeing  demand  for 
the  boxes  not  only  to  run  big 
applications,  but  also  as  cus¬ 
tomers  consolidate  proliferating 
Intel  servers  onto  single 
machines. 

“Clustering  is  good  for  problems 
that  can  be  easily  subdivided  and 
has  some  real  advantages  from  a 
hardware  cost  standpoint,”  says 
Nathan  Brookwood,  principal 
analyst  at  Insight  64.  “But  if  the 
problem  doesn’t  lend  itself  to  that 
kind  of  decomposition  then  that’s 
not  necessarily  the  best  solution.” 

Nevertheless,  the  demand  for 
eight-processor  systems  has  taken 
a  hit  as  a  result  of  the  tough  econ¬ 
omy  IDC  says.  Of  about  415,000 
x86-based  servers  shipped  during 
the  first  quarter  this  year,  only 
about  3,000  were  eight-processor 
systems,  the  research  firm  says. 

The  stepped-up  power  of  dual 
processor  Xeon  chips  isn’t  help¬ 
ing  the  eight-way  market,  either,  as 
businesses  find  they  can  get  what 
they  need  in  lower-cost  low-end 
boxes,  analysts  says. 

“Customers  are  looking  for 
short-term  [ROI]  for  their  IT  infra¬ 


structure,  so  they’re  buying  two- 
ways  when  and  where  they  can 
instead  of  potentially  investing  in 
a  large-scale  system  that  they 
might  grow  into  over  years,” 
Melenovsky  says. 

At  veterinary  research  firm 
Intervet,  for  example,  eight-way 
systems  only  got  a  passing  glance. 
Chad  Elliott,  technology  team 
leader  at  the  Millsboro,  Del.,  com¬ 
pany,  says  clustering  two-way 
PowerEdge  2650s  and  four-way 
FbwerEdge  6650s  gives  him  the 
processing  power  he  needs,  while 
protecting  him  from  downtime 
because  of  hardware  failures. 

“We  looked  at  clustering  for  the 
fault  tolerance  it  provides,”  he 
says.  “With  one  big  server,  when 
that  goes  down  everything  on 
that  server  is  down  until  you  get  it 
fixed.  With  a  clustered  solution,  if 
you  lose  one  physical  server  with¬ 
in  the  cluster,  it  all  fails  over  to  a 
server  that  is  working. . .  .With  a  big 
eight-way  box,  it’s  putting  all  your 
eggs  in  one  basket.” 

Bill  Hicks,  senior  vice  president 
of  technology  and  CIO  at  Pre¬ 
cision  Response  in  Miami,  says 
that  managing  two-way  and  four¬ 
way  boxes  is  easier  than  handling 
a  more  sophisticated  eight-way 


The  case  for  clustering: 

•  Cutting  costs.  Clustering 
four  two-way  boxes  that  run  in 
the  thousands  of  dollars  can 
save  you  cash  vs.  buying  a 
$45,000  eight-way  box. 

•  Pay  as  you  grow.  As 

processing  needs  grow,  throw 
another  two-  or  four-way  box 
into  the  cluster.  No  need  to  have 
idle  hardware  standing  by. 

•  Backing  things  up.  Clusters 
give  you  backup  and  failover 
that  you  wouldn't  get  with  a 
single  box. 

•  Software  support.  ISVs 
such  as  Oracle  with  its  9i  Real 
Application  Clusters  are  writing 
applications  designed  to  run  in 
distributed  environments. 


machine. 

“Getting  two-way  or  four-way 
boxes  to  perform  well  is  much 
easier  than  making  eight-  to  32- 


The  eight-way  agenda: 

•  Processing  oomph.  Large 

database-  and  transaction¬ 
intensive  applications  aren't  yet 
ready  for  distributed  environ¬ 
ments  and  need  the  perform¬ 
ance  of  one  multi-processor 
system. 

•  Consolidation.  Running 
virtualization  software  on  eight¬ 
way  machines  results  in  less 
data  center  sprawl. 

•  Managing  things.  Fewer 
boxes  means  fewer  admini¬ 
strative  and  management 
headaches. 

•  Building  blocks.  Vendors 
such  as  IBM  and  HP  offer  Intel 
machines  that  can  start  with 
fewer  processors  and  scale  up 
to  eight-way  systems  (and 
bigger),  as  needed. 

way  systems  work  well,”  he  says. 
“Complex  systems  cost  more  and 
introduce  more  risk.” 

See  Dell,  page  54 


Secure  Sockets  Layer:  Too  much  of  a  good  thing? 

SSL  remote  access  is  popping  up  all  over,  but  not  all  users  want  all  the  features. 


Hope  for  a  big  return 


With  SSL  remote-access  gear  predicted  to  haul  in  $900 
million  in  2006  by  Infonetics  Research,  venture  capital 
firms  have  been  pouring  tens  of  millions  of  dollars  into 
start-ups  focusing  on  this  technology. 

Funding 

(in  millions) 
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uRoam  Whale 

'Sold  for  $25  million 

■  BY  TIM  GREENE 

Companies  looking  to  use  Se¬ 
cure  Sockets  Layer  remote-access 
technology  for  reaching  private 
corporate  servers  over  the  Inter¬ 
net  are  getting  more  options  to 
buy  this  capability  bundled  in 
boxes  with  other  functions. 

FTi  Networks  last  week  bought 
SSL  remote-access  vendor  uRoam 
with  the  idea  of  marrying 
uRoam’s  remote-access  capabil¬ 
ities  to  F5’s  load-balancing/ 
Web  acceleration  box  called  Big- 
IP  Earlier  in  the  week  NetScaler 
announced  that  it  plans  to  add 
SSL  remote-access  software  to  its 
Request  Switch  9000  iON  Web 
acceleration  appliance. 

Combining  features  on  one 
device  would  reduce  the  number 
of  boxes  in  networks.  This  would 
suit  companies  that  want  to  let 
authorized  users  securely  access 
servers  using  just  the  Web  browser 
on  Internet-connected  PCs,  and 
that  want  to  proxy  and  load-bal¬ 
ance  access  to  servers.  So  for 


instance,  when  the  products  are 
integrated,  rather  than  buying  an 
FTi  Big-IP  switch  and  a  uRoam 
FI  re  Pass  SSL  remote-access  server, 
customers  will  be  able  to  buy  a 
Big-IP  that  has  Fire  Pass  features. 

Because  these  devices  individu¬ 
ally  would  occupy  the  same  spot 
in  the  network  —  between  the 


firewall  and  corporate  servers  — 
it  makes  sense  to  combine  func¬ 
tions  so  the  traffic  is  parsed  once, 
has  multiple  policies  applied  to  it 
and  then  is  forwarded  to  its  desti¬ 
nation,  according  to  Richard 
Steinnon,  research  director  for 
network  security  at  Gartner.  Other 
vendors,  such  as  Fortinet,  Net- 


Continuum,  TippingPoint  Tech¬ 
nologies  and  Blue  Coat  Systems, 
combine  security  and  traffic 
shaping, he  says, adding  that  these 
perform  intrusion  detection  and 
other  security  screening,  but  not 
SSL  remote  access. 

Not  all  users  would  find  a  smor¬ 
gasbord  of  features  attractive. 
Raymond  Williams,  network  engi¬ 
neer  for  Northwest  Multiple 
Listings  in  Kirkland,  Ore.,  uses  an 
F5  Big-IP  box  to  balance  traffic  to 
servers,  but  says  he  does  not 
need  SSL  remote-access  capabili¬ 
ties.  He  bought  the  device  to 
meet  a  specific  need,  boosting 
server  performance. 

A  host  of  vendors  are  approach¬ 
ing  SSL  remote  access  from  dif¬ 
ferent  angles.  Vendors  such  as 
Aspelle,  Neoteris,  SafeWeb  and 
uRoam  have  focused  on  SSL 
remote  access.  Others,  such  as 
Array  Networks,  support  SSL 
remote  access  but  also  load-bal¬ 
ance  among  the  Web  servers  they 
protect,  cache  frequently  ac¬ 
cessed  sites  and  compress  traffic. 


And  traditional  network  and 
security  vendors  such  as  Check 
Fbint,  Nokia  and  Nortel  are  mak¬ 
ing  SSL  pushes.  Cisco  says  it  will 
enter  the  market  in  the  fall,  but 
hasn’t  said  how. 

Part  of  the  lure  may  be  that  the 
SSL  remote-access  market  is 
poised  to  explode,  according  to 
Infonetics  research,  which  pre¬ 
dicts  that  more  than  $900  million 
will  be  spent  on  the  gear  in  2006. 

The  flood  of  vendors  trying  to 
get  a  piece  of  the  action  could 
pose  a  problem  for  network  exec¬ 
utives  because  there  will  be  so 
many  products  to  choose  from 
with  so  many  varying  features, 
says  Zeus  Kerravala,  an  analyst 
with  The  Yankee  Group. 

“There’s  such  a  thing  as  too 
many  options”  he  says.  “SSL 
remote  access  was  a  simple  solu¬ 
tion  to  a  big  problem.  Now  ven¬ 
dors  are  trying  to  address  many 
different  problems.  Users  need  to 
define  what  problem  they  want  to 
solve  and  look  for  the  product 
that  solves  it."B 
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Winternals 
ecovery 
Manager 

Tape  backup  is  the  last  resort  when  systems  fail.  But 
there  is  a  critical  gap  in  any  tape  backup  strategy  —  the 
time  it  takes  to  restore  from  backup,  and  the  data  you 
lose  by  overwriting  existing  data.  Winternals  Recovery 
Manager  fills  that  gap.  With  Recovery  Manager,  you  use 
Recovery  Point  snapshots  to  restore  your  damaged  OS  in 
minutes,  with  zero  data  loss.  And  you’ll  have  access  to  a 
wide  array  of  surgical  repair  and  root-cause  analysis  features. 
So  before  you  turn  to  tape  backup  as  the  last  resort,  save  your 
time  and  your  data.  Turn  to  Winternals  Recovery  Manager  as 
your  first  line  of  defense. 


Repair.  J;v 


over.  Accelerate 


Learn  More! 

1-800-408-8415 
www.  winternals  .com 


©  2003  Winternals  Software  LP.  All  rights  reserved  Winternals  is  a  registered  trademark  of  Winternals  Software  LP.  Winternals  Recovery  Manager  is  a  trademark  of  Winternals  Software  LP.  All  other  trademarks  are  properties 
of  their  respective  owners  in  the  US  and/or  other  countries  Winternals  disclaims  proprietary  interest  in  the  marks  and  names  of  others. 


Bluetooth  gets  greasy  and  gritty 


■  BY  JOHN  COX 

This  is  the  future  of  coolness  in 
wireless:  a  Bluetooth  radio 
housed  in  a  dirt-tight  metal  brick 
that’s  the  size  of  a  paperback 
book,  weighs  over  a  half-pound, 
and  has  a  GUI  that  consists  of 
three  LEDs. 

It’s  cool  because  you  can  hang 
the  brick  on  a  conveyor  belt, 
rotating  kiln,  water  pump  or  crane 
and  transmit  temperature,  vibra¬ 
tion  and  other  data  up  to  300  feet 
without  the  time,  trouble  and  cost 
of  running  wires. 

Welcome  to  industrial 
Bluetooth. 

With  little  fanfare,  Bluetooth  is 
gaining  acceptance  in  many  grit¬ 
ty,  greasy  and  loud  applications 
that  are  a  far  cry  from  cell  phones 
and  headsets.  For  example: 

•  A  steel  company  saved 
$10,000  using  Bluetooth  instead 
of  cabling  to  connect  a  new  set  of 
sensors  to  the  control  room  of 
one  plant. 

•  A  cement  manufacturer  uses 
Bluetooth  to  simplify  installing, 
and  to  maintain  temperature  and 
moisture  sensors  on  huge  rotat¬ 
ing  kilns. 

•  The  city  of  Oslo,  Norway  uses 
Bluetooth  to  monitor  the  status  of 

'  > 

Big  plans  for 
Bluetooth 

A  2003  survey  of  data 
acquisition  product 
buyers  found  that  4% 
are  using  Bluetooth 
today.  But  by  2007, 

21% 

expect  to  be  using  it  for 
industrial-class  gear. 

SOURCE:  VENTURE  DEVELOPMENT 
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heavy  equipment  at  179  water 
pumping  stations. 

•  A  metals  fabricator  saved 
weeks  and  tens  of  thousands  of 
dollars  in  rewiring  costs  by  using 
electronic  sensors  and  Bluetooth 
to  track  pours  of  molten  metal 
into  industrial  molds. 

A  2002  study  by  research  firm 
Venture  Development  predicts 
that  overall  product  shipments  for 
all  types  of  wireless  monitoring 
and  control  gear  in  manufactur¬ 
ing  will  increase  from  about  $109 
million  in  2001  to  about  $752  mil¬ 


lion  in  2006,  growing  at  a  com¬ 
pound  annual  rate  of  about  47%. 

A  study  this  year  by  In-Stat/ 
MDR  concludes  that  Bluetooth 
product  shipments  in  vertical 
markets  such  as  manufacturing, 
utilities,  transportation,  mining 
and  healthcare  will  jump  from 
almost  nothing  this  year  to  nearly 
2.5  million  in  2007.  In-Stat  analyst 
Joyce  Putscher  says  manufactur¬ 
ing  and  healthcare  will  be  the 
most  active  segments. 

Unwiring  these  kinds  of  prod¬ 
ucts  yields  some  dramatic  bene¬ 
fits  for  industrial  operations. 

“Eliminating  cables  is  a  huge 
part  of  this  picture,”  says  Sandy 
Harper,  senior  research  and 
development  project  engineer  for 
Parker  Hannifin,  an  industrial 
controls  company  based  in 
Cleveland. “There  is  a  lot  of  wear 
and  tear  on  cables  in  harsh  envi¬ 
ronments  or  in  robotics  or  other 
applications  where  machinery  is 
constantly  moving.” 

A  $5  to  $10  Bluetooth  chip 
embedded  in  a  sensor  or  pro¬ 
grammable  logic  controller  can 
eliminate  not  only  that  ongoing 
maintenance  burden  but  also  the 
costs  of  laying  cable.  William 
Drake,  manager  of  wireless  tech¬ 
nology  for  Wilcoxon  Research 
says  one  oil  company  client  esti¬ 
mated  that  putting  new  cable  into 
existing  aluminum  conduit  in  a 
refinery  cost  $25  per  foot;  if  you 
had  to  put  in  new  conduit  as  well, 
the  cost  shot  up  to  $100  per  foot. 

One  of  the  surprises  for  users  is 
realizing  the  current  range  of  the 
Bluetooth  chips.  “When  we  go  to 
automation  conferences,  two  out 
of  every  three  questions  we  get 
are, ‘I  thought  Bluetooth  was  only 
good  for  [33  feet],’  ”  Drake  says. 
“We  built  a  Bluetooth  Class  1  [328 
feet]  radio  for  sensor  applica¬ 
tions.”  A  reach  of  300  feet  gives 
Bluetooth  flexibility  in  connect¬ 
ing  industrial  sensors  and  con¬ 
trols  with  existing  manufacturing 
networks. 

Another  attraction  is  the  robust 
128-bit  encryption  scheme  in  the 
Bluetooth  specification  that  pro¬ 
tects  data  transmissions  from 
malicious  interference. 

Bluetooth’s  adaptive  frequency 
hopping  lets  a  Bluetooth  2.4-GHz 
radio  sidestep  channels  occu¬ 
pied  by  other  radios  or  by  elec¬ 
tromagnetic  emissions. 

In  most  of  these  applications,  it 
is  not  a  problem  that  Bluetooth’s 
bandwidth  peaks  at  1M  bit/sec. 
Sensors  and  similar  devices  typi¬ 
cally  send  and  receive  small 


chunks  of  data,  and  Bluetooth’s 
pipe  is  more  than  enough. 

Despite  these  strengths,  the  new 
industrial  automation  working 
group  in  the  Bluetooth  Special 
Interest  Group  is  fine-tuning 
Bluetooth  for  industrial  uses. 

Additions  will  be  made  to  exist¬ 
ing  Bluetooth  profiles.  The  pro¬ 
files  describe  how  to  use  Blue¬ 


tooth  for  specific  tasks,  such  as 
printing  and  serial  communica¬ 
tions.  The  new  working  group, 
chaired  by  Wilcoxon’s  Drake,  will 
create,  in  effect,  a  supplement  to 
some  of  these  profiles.  For  exam¬ 
ple,  serial  communications  for 
industrial  use  might  include 
some  specific  protocols.  Another 
supplement  would  specify  a 
wider  range  of  environment  tem¬ 
peratures  to  address  the  harsher 
conditions  often  found  in  indus¬ 
trial  environments. 

Drake  says  he  hopes  to  present 
a  preliminary  draft  and  a  test  pro¬ 
cedure  for  certification  at  the 
Bluetooth  Developers  Confer¬ 
ence  in  December. 

All  this  activity  is  having  an 
effect  on  users. 

A  recent  survey  of  buyers  of 
data  acquisition  gear  in  various 
industries  found  a  high  level  of 
awareness  of  Bluetooth,  says 
James  Taylor,  group  manager  for 
industrial  automation  at  Venture 
Development. “A  year  ago,  we  did 
not  find  a  heck  of  a  lot  of  interest 
in  Bluetooth”  he  says.  “In  this 
study,  we  found  4%  currently 
using  Bluetooth  in  data  acquisi¬ 
tion.  But  looking  out  five  years, 
21%  said  they  were  likely  to  be 
using  Bluetooth.”  Among  OEM 
companies  serving  the  medical/ 
healthcare  market,  that  number 
was  40%. 

The  awareness  is  being  fueled 
by  a  growing  product  portfolio 
from  an  increasing  number  of 
vendors,  including  ABB  Group, 
BlueGiga  Technologies,  Connect- 
Blue,  Parker  Hannifin  and 
Wilcoxon. 

Wilcoxon  released  its  BlueLynx 
wireless  sensor  link  in  January 
that  is  targeted  at  process-control 
applications  using  a  4-  to  20-mil- 
liampere  signal.  The  device  can 


monitor  vibration,  pressure,  tem¬ 
perature  or  flow  sensors,  or  any 
combination  of  these.  In  April, 
Frost  &  Sullivan  gave  the  BlueLynx 
a  2003  product  of  the  year  award 
for  industrial  technology 
Socket  Communications  and 
Isochron  Data  recently  released 
the  first  in  a  series  of  Bluetooth 
products  to  let  PbcketPC  hand¬ 


held  devices  manage  industrial 
equipment.  The  first  product, 
VendCast  Mobile,  links  the  hand¬ 
held  with  controllers  in  vending 
machines. 

Parker  Hannifin  is  expected  to 
soon  release  an  array  of  Blue¬ 
tooth  products  it  has  been  de¬ 
monstrating  at  trade  shows.  One 
demonstration  includes  several 
pneumatic,  electromechanical 
and  hydraulic  devices  controlled 
by  a  new  Bluetooth  “valve  island” 
that  wirelessly  sends  control  sig¬ 
nals  to  the  various  devices. 

Other  wireless  technologies  will 
have  their  place  with  Bluetooth 
or  even  compete  with  it.  In  May 
the  IEEE  began  crafting  Zigbee, 
the  draft  specification  of  802.15.4, 
aimed  at  creating  an  even  lower- 
power,  shorter-range,  wireless 
technology  (see  www.nwfusion. 
com,  DocFinder:  6945).  And 
Ericsson  Technology  Licensing 
reportedly  is  considering  devel¬ 
oping  a  more-lightweight  deriva¬ 
tive  of  Bluetooth  in  response.  ■ 


\  I  / 


1THIS  WEEK'S  QUESTION: 

Which  carrier  is 
Verizon’s  joint  venture 
partner  in  Verizon 
Wireless? 

Answer  this  and  nine  addtonal  questions 
online  and  you  could  win  $500!  Visit 

Network  World  Fusion  and  enter  2349 
in  the  Search  [kk. 

www.nwrusion.com 


kk  Eliminating  cables  is  a  huge  part  of  this  . . 
. .  There  is  a  lot  of  wear  and  tear  on  cables." 

Sandy  Harper 

Senior  research  and  development  project  engineer 
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where  information  lives 


Did  you  knowthatsomeofour 

BEST  STORAGE  PRODUCTS  COME 
ON  A  DIFFERENT  KIND  OF  DISK? 

OUR  SOFTWARE  GIVES  YOU  SOME 
VERY  SMART  CHOICES. 


To  manage  complexity,  you’ve  got  to  outsmart  it.  EMC  Automated  Networked  Storage™  delivers  the 
software  that  automates  management  of  your  multi-vendor  storage  infrastructure,  including  the  most 
error-prone  tasks  such  as  monitoring  and  provisioning.  Now  you  can  gain  a  unified,  end-to-end  view  of  your 
entire  environment.  Define  your  service  levels.  And  run  an  agile,  active  infrastructure  that  helps  the  busi¬ 
ness  pounce  on  opportunity. 

See  how  other  companies  are  using  EMC  Automated  Networked  Storage  to  manage  more 
information  with  less  effort  at  www.EMC.com. 
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■  LAN/WAN  SWITCHES  AND  ROUTERS 

■  ACCESS  DEVICES  ■  SERVERS  ■  VPNS 

■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


Foundry  adds  load-balancing,  security  features 


Going  deep 


New  software  for  Foundry’s  Layer  4  to  7  Serverlron  switch  could  help 
speed  up  XML-based  Web  services  traffic. 

Web  server  farm 

(S\ 


HTML-based  Web  page  traffic 

-  XML-based  Web  services 
application  traffic 


Available 


Router 


m 

m 

■  4  LY 1' 

1  • 

Foundry  Serverlron 


O  HTML  and  XML  traffic  enters  a  site. 

©  A  Serverlron  inspects  each  packet  at  Layer  7  to  determine 
what  application  it  belongs  to.  A  new  XML  agent  in  the 
Serverlron  software  lets  it  identifies  and  applies  policies 
to  traffic  such  as  Web  services  applications. 

©  XML  and  HTML  traffic  are  sent  to  their  respective  servers,  and 
traffic  is  load-balanced  among  Web  and  Web  services  boxes. 


Web  services 
server  farm 


ment]  as  everyone  in  the  industry  starts  to 
adopt  .Net  and  Java  [Web  services]  appli¬ 
cations,”  he  says. 

Foundry’s  Serverlron  family  includes 
the  Serverlron  100,  400  and  800  line  of 


modular  switches  and  the  ServerlronXL 
fixed-configuration  switch. 

Serverlron  is  deployed  as  a  load-balanc¬ 
ing  device,  a  capacity  in  which  it  identifies 

See  Foundry,  page  18 


Start-up  offers  InfiniBand  iSCSI  router 


■  BY  PHIL  HOCHMUTH 

Thwarting  denial-of-service  attacks,  load 
balancing  multiple  ISP  links  and  speeding 
Web  services  traffic  —  these  are  among 
the  new  features  in  Foundry  Networks’ 
Serverlron  switches,  the  vendor  an¬ 
nounced  last  week. 

Foundry’s  TrafficWorks  Ironware  9.0  oper- 


Takes 


■  Wireless  LAN  security  company 
AirDefense  last  week  released  a  new 
version  of  its  monitoring  software, 
adding  support  for  the  new  802.1 1g 
wireless  standard  and  a  policy- 
enforcement  feature  that  can  push 
configuration  changes  to  remote 
access  points.  AirDefense  3.5  is  the 
second  generation  of  the  company’s 
WLAN  monitoring  software.  The  prod¬ 
uct  sits  on  top  of  wireless  VPNs  and 
encryption  technology,  and  lets 
administrators  survey  wireless 
access  points  and  client  machines 
across  their  networks,  the  company 
says.  With  a  server  appliance  and  a 
distributed  network  of  sensor  appli¬ 
ances,  AirDefense  lets  customers 
monitor  all  activities  on  their  WLANs 
from  a  centralized  management  inter¬ 
face.  The  platform  consists  of  two 
modules:  AirDefense  RogueWatch, 
which  provides  monitoring  features 
and  spots  unauthorized  access 
points;  and  AirDefense  Guard,  which 
includes  network  intelligence  and 
security  features.  AirDefense  is  avail¬ 
able  for  about  $10,000. 

■  UltraBac  Software  announced 
new  software  last  week  that  backs  up 
servers  and  workstations  by  taking  a 
snapshot  disk  image.  Called  Ultra¬ 
Bac  Disaster  Recovery  Pro,  the 
software  takes  images  of  the  data  to 
be  backed  up  on  a  scheduled  basis. 
The  image  file  is  compressed  before 
being  stored  on  tape  or  disk  and  can 
be  restored  at  up  to  800M  byte/min- 
ute  on  a  Gigabit  Ethernet  network. 
UBDR  Pro,  which  works  on  Windows 
networks,  is  $695  per  server. 


ating  system  —  which  runs  the  Serverlron 
switch  —  includes  an  XML  switching  com¬ 
ponent  that  could  help  users  accelerate 
load  balancing  of  XML-based  traffic  among 
servers  running  Web  services  applications. 
Other  upgrades  in  the  code  are  aimed  at 
helping  stop  TCP  ACK  DoS  offensives 
against  servers,  and  another  function 
allows  forWAN-link  load  balancing  for  sites 
connected  to  multiple  ISPs. 

Industry  watchers  say  hardware  that 
improves  the  performance  of  XML-based 
traffic  on  a  LAN  or  WAN  could  become  an 
infrastructure  must-have. They  say  compa¬ 
nies  with  Web  services  strategies  will 
become  heavy  XML  users  because  XML  is 
the  core  messaging  protocol  for  platforms 
such  as  Microsoft  .Net  and  Sun  One. 

The  XML  switching  figures  into  the  plans 
of  Forbes.com,  which  has  Serverlron  100 
and  ServerlronXL  switches  deployed  to 
load  balance  dozens  of  Web  content 
servers. 

“The  ability  to  load  balance  traffic  based 
on  XML  data  is  of  high  value  to  us,”  says 
Mike  Smith,  CTO  for  Forbes.com. The  Web 
site  plans  to  roll  out  Web  services  applica¬ 
tions  this  year  to  support  the  services  for 
advertisers  and  readers. 

“Supporting  Web  services  will  become  a 
requirement  [for  load  balancing  equip- 


■  BY  DENI  CONNOR 

Start-up  Voltaire  recently  gave  users  a 
peek  at  software  that  will  let  them  link 
departmental  or  remote  storage  to  servers 
in  data  centers,  or  connect  tape  drives  or 
libraries  to  networks  for  backup. 

At  the  recent  Cluster  World  conference, 
the  company  said  it  plans  to  add  iSCSI 
capability  to  its  InfiniBand  switch/router 
and  host  channel  adapter.  The  iSCSI  pro¬ 
tocol  lets  Fibre  Channel  data  be  trans¬ 
ported  across  Gigabit  Ethernet  networks. 
Currently,  the  company’s  ISR  6000  switch/ 
router  connects  network-attached  storage 
arrays  and  other  storage-area  network 
arrays  to  InfiniBand-clustered  servers  via 
Fibre  Channel. 

The  company’s  iSCSI/InfiniBand  soft¬ 
ware  uses  the  Remote  Direct  Memory 
Access  (RDMA)  features  built  into  Infini¬ 
Band  to  remove  the  overhead  that  iSCSI 
imposes, reduce  latency  and  eliminate  the 


Storage  boost 

According  to  IDC,  the  market 
for  iSCSI  storage  arrays  will 
grow  from  $12  million  in 
2002  to  $4.9  billion  by  2007. 


need  to  install  a  separate  Fibre  Channel 
adapter  when  a  server  is  connected  to  an 
InfiniBand  fabric. 

To  enable  iSCSI  RDMA  and  InfiniBand,  a 
user  would  insert  an  InfiniBand  adapter 
in  a  server  instead  of  a  Fibre  Channel 
adapter.  The  adapter,  which  would  have 
iSCSI  RDMA  software  installed,  would 
communicate  using  iSCSI  with  the  Infini¬ 
Band  switch  router. 

Other  vendors  such  as  Topspin  Com¬ 
munications  and  InfiniCon  already  use  an 


alternative  to  iSCSI  RDMA  over  InfiniBand 
called  the  SCSI  RDMA  Protocol  (SRP), 
which  exchanges  data  between  SCSI  de¬ 
vices  using  RDMA.  Unlike  Voltaire’s 
approach,  SCSI  RDMA  does  not  have  a 
management  infrastructure  and  is  propri¬ 
etary,  the  company  says. 

“Voltaire  is  using  a  more  standard  and 
universally  accepted  protocol  called 
iSCSI,  which  is  going  to  become  prevalent 
a  year  from  now,”  says  Arun  Taneja,  a 
senior  analyst  with  Taneja  Group.“SRP  was 
done  before  iSCSI  became  the  dominant 
protocol.” 

In  addition,  the  company  announced 
that  StoreAge’s  virtualization  software  will 
run  on  its  ISR  6000  InfiniBand  switch/ 
router,  letting  users  congregate  storage 
resources  from  disparate  storage  arrays 
into  a  pool  for  easier  management. 

Pricing  of  the  iSCSI-enabled  switch/ 
router  has  not  been  announced.  It  is 
expected  to  be  available  this  fall.  ■ 
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If  you  misplace  your  cell  phone,  it’s  fair¬ 
ly  easy  to  use  a  different  phone  to  call 
it  and  then  follow  the  ring  to  retrieve  it. 
Even  if  you’ve  left  it  beyond  the  range  at 
which  you  could  hear  it,  someone  might 
answer  it  and  tell  you  where  it  is.  Suppose 
you  could  do  something  similar  with  your 
car  keys,  your  dog  or  even  your  kids? 

Former  Apple  wiz  Steve  Wozniak  thinks 
people  would  pay  to  be  able  to  quickly 
locate  those  things  they  frequently  mis¬ 
place  or  otherwise  lose  track  of.  His 
Wheels  of  Zeus  (www.woz.com)  start-up 
hopes  to  combine  the  Global  Fbsitioning 
System  (GPS)  with  a  low-power,  long- 
range  wireless  protocol  that  operates  at 


A  ‘Web  service'  you  can  use 


about  1,200  baud.  The  company  expects 
the  combination  GPS  monitor  and  wire¬ 
less  radio  to  sell  for  less  than  $100.  It  is  esti¬ 
mated  that  this  can  cover  a  range  of  1  or  2 
miles,  but  Wozniak  believes  it  can  be 
extended  by  using  the  Internet  —  by  con¬ 
necting  one  radio  to  another  in  a  global 
peer-to-peer  network  you’d  be  able  to 
search  within  a  couple  of  miles  of  every 
attached  wireless  device. 

You’d  need  to  tag  everything  you  wanted 
to  be  able  to  trace  (probably  you’d  need 
to  imbed  one  in  a  teenager,  or  make  it 
look  like  a  safety  pin!)  but  the  tags  should 
be  small  enough  to  be  unobtrusive. 

You  could  put  one  on  employees’  ID 
cards,  and  then  easily  track  down  the  per¬ 
son  who  was  late  for  (thus  holding  up) 
the  meeting.  (That’s  a  joke;  I  don’t  think 
the  system  would  work  well  except  in  the 
smallest  companies.) 

Now  I’m  sure  the  privacy  purists  will  be 
up  in  arms  once  again,  just  as  they  were 


with  Wal-Mart’s  plan  to  use  radio  fre¬ 
quency  identification  (RFID)  tags  in  its 
inventory,  but  there’s  little  danger  that  this 
system  could  be  used  on  any  city-, state-  or 
country-wide  government  tracking  sys¬ 
tem.  The  beauty  is  that,  given  the  low- 
power,  low-bandwidth  system  scaling 
beyond  a  few  dozen  devices  would  be 
impractical.  The  limited  range,  while  per¬ 
fect  for  the  individual  user  would  be 
wildly  ineffective  when  attempted  on  a 
large  scale. 

Personal  networking,  wireless,  peer-to- 
peer,  RFID,  identity  management  —  if 
Wozniak  could  only  wrap  it  up  in  a  “Web 
services"  envelop  he  would  have  all  of 
today’s  hottest  buzz  words  in  one  small, 
relatively  inexpensive  product  which,  of 
course,  is  a  pretty  good  description  of 
Apple  Computers  twenty-some  years  ago. 
It  worked  then.it  could  work  again. 

Kearns,  a  former  network  administrator, 
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is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@  vquill.com. 


Tip  of  the  Week 


The  U.S.  and  many 
European  governments 
also  soon  will  be  embedding 
machine-readable  tags  — 
these  containing  biometric 
descriptions.  New  U.S.  laws 
require  machine-readable 
passports  with  biometric 
data  to  more  readily  identify 
people  entering  the  country. 
See  www.nwfusion.com, 
DocFinder:  6930,  for  links  to 
more  details. 


IBM  adds  grid  computing  to  WebSphere 


■  BY  PETER  SAYER  AND 
JENNIFER  MEARS 

When  IBM  ships  the  latest  ver¬ 
sion  of  its  WebSphere  Application 
Server  later  this  month,  it  will 
include  a  grid  computing  feature 
that  is  designed  to  let  users  har¬ 
ness  their  computing  resources 
into  a  virtual  system  that  will  grow 
and  shrink  according  to  demand. 

The  software  monitors  work¬ 
load  and  automatically  routes 
traffic  to  servers  based  on  utiliza¬ 
tion.  Users  can  run  WebSphere 
applications  on  a  server  cluster 
that  can  share  workloads,  rather 
than  attributing  fixed  functions, 
such  as  serving  Web  pages  or  han¬ 
dling  back-office  transactions,  to 
particular  machines,  says  Dan 
Fbwers,  IBM’s  vice  president  of 
grid  computing  strategy 

“It’s  about  the  ability  to  balance 
Web  server  workloads  in  a  more 
dynamic  wa/  Fbwers  says. 

The  technique  allows  load  bal¬ 
ancing  between  applications  and 
lets  systems  managers  set  the 
parameters  under  which  servers 
will  take  on  a  new  role,  he  says. 

Analysts  say  the  new  technol¬ 
ogy  is  another  step  in  IBM’s  effort 
to  deliver  on-demand  computing, 
an  architecture  in  which  the  IT 
infrastructure  acts  as  a  pool  of 
resources  that  can  respond  dy¬ 
namically  to  business  demands. 

“WebSphere . . .  really  is  the  foun¬ 
dation  where  all  these  business 
process  executions  occur  and  is  a 
center  point  for  integrating  legacy 
applications,”  says  Pierre  Fricke, 
executive  vice  president  at  con¬ 


sulting  firm  D.H.  Brown  Associ- 
ates.“WebSphere  is  a  natural  con¬ 
trol  point  to  distribute  this  work¬ 
load  around  the  grid.” 

Corporations  are  only  now  start¬ 
ing  to  embrace  grid  computing, 
which  historically  has  been  used 
for  technical  and  research  appli¬ 
cations  within  the  academic  and 
scientific  communities.  IBM  an¬ 
nounced  its  focus  on  building 
corporate  grids  in  January  and 
now  has  grid  offerings  for  cus¬ 
tomers  in  the  aerospace,  automo¬ 
tive,  financial  markets,  govern¬ 
ment,  life  sciences,  agricultural 
chemical,  electronics,  higher  edu¬ 
cation  and  petroleum  industries. 

Driving  adoption 

IBM  executives  and  analysts 
agree  the  grid  computing  feature 
in  the  Java  2  Platform  Enterprise 
Edition-based  WebSphere  plat¬ 
form  will  help  drive  corporate 
adoption  of  the  architecture, 
which  links  compute  resources 
such  as  servers  into  one  virtual 
system  to  let  businesses  capitalize 
on  available  resources. 

“Once  you’re  using  Web  services 
to  connect  your  applications,  grid 
computing  can  slip  underneath 
that  and  make  more  efficient  use 
of  your  infrastructure,”  Fricke  says. 
“Customers  can  now  look  at 
[WebSphere]  as  providing  the 
tools  to  put  grid  computing  into  a 
Web  services  environment/ 

Version  5.0.2  of  WebSphere  App¬ 
lication  Server  Enterprise  Edition 
also  will  add  a  feature  called 
Automatic  Backup  Clusters,  let¬ 
ting  customers  designate  a  server 


group  to  act  as  a  backup  for 
another  cluster,  without  the  need 
to  write  code  or  get  involved  in 
complex  configuration,  the  com¬ 
pany  says. 

With  the  new  WebSphere  Perfor¬ 
mance  Advisor  tool,  users  can 
seek  advice  on  how  best  to  con¬ 
figure  a  cluster  to  balance  loads. 
The  tool  advises  managers  how  to 
set  parameters  to  handle  different 
levels  of  network  traffic,  accord¬ 
ing  to  the  company 

Over  the  next  year,  IBM  says  it 
hopes  to  improve  the  load-bal¬ 
ancing  technology  to  take  on 
load  balancing  for  other  high-per¬ 
formance  computing  applica¬ 
tions,  Fbwers  says.  For  example,  a 
stockbroker’s  online  trading  sys¬ 
tem  could  borrow  capacity  from 
a  back-office  cluster  performing 
portfolio  analysis  and  optimiza¬ 
tion  during  busy  trading  hours, 
and  then  take  on  batch  process¬ 
ing  of  the  portfolios  after  trading 
hours,  he  says. 

Machines  swapping  processing 
capacity  in  this  way  needn’t  nec¬ 
essarily  be  closely  connected. 
“These  kinds  of  applications  are 
usually  data  light  and  processing 
heavy.  There’s  not  a  lot  of  band¬ 
width  needed  (Fbwers  says. 

The  new  version  will  be  a  free 
upgrade  for  those  already  mnning 
the  Enterprise  edition.  Otherwise, 
WebSphere  Application  Server 
costs  $30,000  per  processor,  or 
$15,000  if  upgrading  from  an  edi¬ 
tion  other  than  Enterprise. 

Sayer  is  a  correspondent  with 
IDG  News  Service's  Paris  bureau. 
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continued  from  page  17 

traffic  based  on  Layer  4  server 
port  information  in  packets,  then 
sends  traffic  to  the  most  available 
server.  Serverlron  also  acts  as  an 
application  switch,  where  it 
inspects  Layer  7  application  data 
in  packets  and  applies  traffic¬ 
handling  policies  based  on  more 
detailed  criteria. 

Besides  XML  support,  Traffic- 
Works  Ironware  9.0  includes 
faster  packet  processing  for  DoS 
attack  prevention.  Using  Layer  4 

The  Serverlron 
product  line 
netted  Foundry 
about  $44  million 
last  year. 

packet  inspection,  Serverlron 
can  identify  typical  DoS  attacks 
that  use  large  volumes  of  cor¬ 
rupted  TCP  messages  and  drop 
those  packets  before  they  reach 
a  server.  The  new  software 
speeds  up  Serverlron’s  TCP  SYN 
and  TCP  ACK  filtering  to  1.5  mil¬ 
lion  packet/sec,  15  times  as  fast 
as  the  previous  software  release. 

Smith  says  he  expects  the  high¬ 
er-scale  security  inspection  will 
help  the  site  run  smoothly  during 
normal  usage  and  peak  periods, 
such  as  when  Forbes  publishes 
its  annual  “Forbes  500”  or  “World’s 
Richest  Fteople"  lists. 

The  Serverlron  line  competes 
with  Cisco’s  CSS  Web  and  load¬ 


balancing  switches,  Nortel’s  Al¬ 
teon  Layer  4  to  Layer  7  switches, 
F5  Networks’  BiglP  load  bal¬ 
ancers  and  Radware’s  line  of 
load-balancing  and  application 
switches. 

The  Serverlron  product  line 
netted  Foundry  about  -$44  mil¬ 
lion  last  year  —  about  15%  of  its 
sales.  The  company  held  about 
10%  of  the  $210  million  Layer  4 
to  Layer  7  switch  market  in  2002, 
according  to  Gartner.  The  com¬ 
pany  was  second  to  Cisco  last 
year  in  terms  of  Layer  4  to  Layer 
7  port  shipments,  with  18%  of  the 
225,100  ports  shipped,  the  re¬ 
search  firm  says. 

Also  new  in  the  latest  Server- 
Iron  software  is  the  ability  to  load 
balance  Internet  links  from  mul¬ 
tiple  ISPs.  In  this  role,  the  Server- 
Iron  would  be  deployed  at  the 
edge  behind  two  routers  with 
multiple  ISP  connections.  The 
box  then  detects  which  of  the 
two  links  is  more  congested  and 
balances  WAN  and  Internet  traf¬ 
fic  between  the  two  links. 

“Tli is  kind  of  feature  is  new  to 
Foundry  and  an  important  one, 
says  Zeus  Kerravala,  an  analyst 
with  The  Yankee  Group. 

WAN  load  balancing  puts 
Foundry  in  with  a  new  group  of 
competitors,  such  as  NetReality, 
Racketeer  and  Proficient  Net¬ 
works/Foundry  lately  has  tried  to 
broaden  its  product  functionally 
beyond  switching,  but  without 
straying  from  its  core  compet¬ 
ency  Kerravala  adds. 

TrafficWorks  Ironware  9.0  is 
available  as  a  free  upgrade  for 
Serverlron  customers  with  sup¬ 
port  contracts.  Serverlron  switch¬ 
es  start  at  about  $12,000.  ■ 


Finally,  a  company  that  talks  big  and 
works  bigger.  A  company  that  talks  ROI 
and  actually  delivers.  A  company  that 
provides  real  business  value  you  can 
measure.  A  network  solutions  and 
services  provider  called  NextiraOne. 

/■  •• 

At  NextiraOne,  we  bring  clarity  to  your 
complex  communications  networks. 
Planning,  designing,  implementing, 
supporting  and  managing.  For  voice, 
data  and  converged  infrastructures. 

In  the  United  States  or  around  the 
world.  You  name  it,  we  do  it  -  with 
world-class  results. 

www.NextiraOne.com  (888)  398-0547 
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■  A  new  software  tool  from  anti-virus 
vendor  Sophos  is  designed  to  let  cus¬ 
tomers  aggregate  virus-alert  informa¬ 
tion  in  customized  reports.  Introduced 
last  week,  Sophos  EM  Reporter  is  a 
module  in  the  Sophos  Enterprise 
Manager  suite  that  provides  a  way  to 
graphically  display  information  on 
incidents  and  virus  alerts,  integrating 
with  Crystal  Decisions'  Crystal  Re¬ 
ports  software.  EM  Reporter  uses 
data  sent  by  Sophos  anti-virus  clients 
and  relies  on  a  company's  existing 
Simple  Mail  Transfer  Protocol  infra¬ 
structure  to  send  alert  information. 

EM  Reporter  is  available  as  a  free 
upgrade  for  existing  users  of  the 
Sophos  Enterprise  Manager  suite  and 
will  be  sold  to  new  customers  as  a 
standard  part  of  Enterprise  Manager. 

■  Proofpoint  last  week  announced 
its  first  product:  Proofpoint  Pro¬ 
tection  Server,  an  enterprise-class 
anti-spam  gateway  that  the  company 
says  uses  a  new  generation  of  spam- 
spotting  technology  that  is  more  ac¬ 
curate  at  spotting  unwanted  mail. 
Featuring  separate  modules  for  spam 
detection,  content  compliance  and 
virus  scanning,  the  Protection  Server 
sits  at  the  entrance  to  a  corporate 
network  and  analyzes  all  e-mail  mes¬ 
sage  traffic.  Like  other  anti-spam 
products,  Proof  point’s  spam-detection 
module  uses  anti-spam  techniques 
such  as  blacklists,  whitelists  and  heur¬ 
istic  pattern  matching  to  spot  spam 
e-mail.  Unlike  other  products,  howev¬ 
er,  the  Proofpositive  anti-spam  mod¬ 
ule  features  a  specialized  anti-spam 
engine,  which  applies  advanced  statis¬ 
tical  machine-learning  methods  to 
incoming  e-mail.  In  addition  to 
Bayesian  analysis,  which  has  long 
been  recognized  as  useful  for  spot¬ 
ting  spam,  the  Proofpositive  engine 
throws  lesser-known  tools  such  as 
logistical  regression  and  support  vec¬ 
tor  machines  to  weed  out  spam. 
Proofpoint  runs  on  Linux  or  Sun 
Solaris  operating  systems  and  uses 
the  open  source  Sendmail  product  as 
its  message-transfer  agent.  Pricing 
and  availability  were  not  announced. 


Spam  technology  seeks  acceptance 


■  BY  JOHN  FONTANA 

A  proposed  standard  filtering  technology 
originally  developed  to  help  end  users 
organize  messages  in  overstuffed  in-boxes 
instead  is  gaining  favor  as  a  niche  tool  to 
help  in  the  effort  to  stem  the  onslaught  of 
spam. 

Sieve,  which  became  a  proposed  Internet 
Engineering  Task  Force  Standard  in  Janu¬ 
ary  2001,  is  a  scripting  language  designed 
to  let  end  users  write  e-mail  filters,  such  as 
automatically  sorting  incoming  mail  into 
folders  based  on  a  senders  address. 

Since  the  Sieve  proposal  however,  the 
complexity  of  scripting  and  lack  of  support 
in  standard  clients  has  conspired  to  keep 
adoption  low. 

But  dramatic  changes  in  the  messaging 
landscape,  most  notably  spam,  now  appear 
to  be  casting  Sieve  in  a  new  light. 

With  the  spam  explosion,  companies 


have  taken  mail-filtering  chores  from  the 
desktop  to  the  IT  level  and  deployed  gate¬ 
ways  or  firewalls  in  an  attempt  to  stem  the 
blitz.  For  vendors,  such  as  Vircom,  Bright- 
mail,  ActiveState  and  Rockliffe,  Sieve  has 
become  a  tool  that  lets  customers  write 
customized  filters  for  their  spam  engines 
and  even  share  scripts. 

It  could  be  a  new  life  for  Sieve  because 
end-user  adoption  also  has  been  stymied 
by  the  fact  that  in-box  filtering  is  mostly  a 
power-user  endeavor.  Also,  Microsoft 
Outlook,  which  has  its  own  filtering  tech¬ 
nology  and  does  not  support  Sieve,  is  now 
the  default  client  for  Microsoft’s  Exchange 
Server  and  IBM/Lotus  Domino,  which 
together  account  for  more  than  200  million 
email  seats.  In  addition,  neither  messaging 
server  supports  Sieve,  which  can  be  imple 
mented  on  a  server  or  a  client. 

Sieve,  which  at  its  heart  is  a  scripting  lan¬ 
guage,  has  never  had  an  easy-to-use  GUI  for 


BMC  lightweight  mgrnt 
software  gains  some  heft 


■  BY  DENISE  DUBIE 

BMC  Software  next  month  is  scheduled 
to  roll  out  a  version  of  its  agentless  appli¬ 
cation  and  systems  management  product 
that  promises  to  give  customers  more  flexi¬ 
bility  when  it  comes  to  monitoring  local 
and  remote  enterprise  resources. 

Patrol  Express  3.0  will  offer  customers 
faster  installation  and  easier  administra¬ 
tion,  BMC  says.  New  features  include  Web 
transaction  monitoring  and  critical  alarms, 
which  help  customers  better  define  the 
conditions  and  urgency  of  network  events 
and  alarms. 

In  Version  3.0,  BMC  incorporated  Web 
transaction  monitoring  capabilities  from 
its  Site  Angel  offering,  which  lets  customers 
test  the  performance  and  availability  of 
their  Web  sites.  The  software  can  capture 
and  replay  Web  transactions  and  then  noti¬ 
fy  network  managers  if  there  are  any 
abnormalities  in  site  performance.  Cus¬ 
tomers  also  can  measure  Internet  latency 
by  simulating  transactions  through  more 
than  30  points  of  presence  BMC  has 
around  the  world. 

The  software  also  includes  new  alarm 
features  that  customers  can  use  to  more 


accurately  define  the  conditions  of  a  criti¬ 
cal  alarm.  Upgraded  reporting  features 
show  network  managers  the  status  of  man¬ 
aged  devices.  Reports  also  include  alert 
history  and  service  measures  metrics. 

Oli  Thordarson,  president  and  CEO  of  Al- 
vaka  Networks,  a  professional  and  man¬ 
aged  services  provider  in  Huntington 
Beach,  Calif.,  uses  Patrol  Express  3.0  in 
Alvaka’s  network  operations  center.  As  a 
potential  channel  partner  with  BMC,  Al- 
vaka  also  uses  the  software  in  service  offer¬ 
ings  to  its  customers.  Alvaka,  for  years,  cob¬ 
bled  together  products  from  IBM,  Com¬ 
puter  Associates,  Novell  and  Microsoft.  And 
about  three  months  ago,  the  company 
rolled  out  a  pilot  version  of  Patrol  Express 
3.0  internally  and  recently  it  began  deploy¬ 
ing  the  software  across  customer  networks. 

“The  product  deploys  without  having  to 
touch  devices  and  applications  at  all  the 
remote  locations,”  he  says. 

Thordarson  says  he’s  still  working  with 
the  company  to  get  the  software  to  inte 
grate  better  with  more  third-party  monitor¬ 
ing  and  reporting  tools.  But  he  says  instal¬ 
lation  is  straightforward  and  requires  little 
configuration. “We  identify  where  we  want 

See  BMC,  page  22 


end  users  with  little  knowledge  of  high 
technology 

“E-mail  overload  has  not  been  the  result 
of  receiving  too  much  legitimate  e-mail.  It 
has  been  because  of  spam,”  says  Tim 
Showalter,  the  author  of  Sieve  and  a  mem¬ 
ber  of  the  technical  staff  at  Mirapoint.“So 
filtering  is  now  happening  at  the  corporate 
gateway  and  not  the  desktop  for  spam,  anti¬ 
virus  and  content.  That  is  more  interesting 
to  customers  now”  Showalter’s  own 
employer,  Mirapoint,  does  not  incorporate 
Sieve  into  its  products. 

Regardless,  Showalter  says  Sieve  is  a  suc¬ 
cess  and  a  useable  specification  in  its  cur¬ 
rent  form. Showalter  still  is  working  actively 
on  extensions,  including  one  that  will  let 
users  set  up  out-of-office  auto-replies  when 

See  Spam,  page  22 

Finding  a  niche 

E-mail  filtering  is  becoming  a 
must  for  companies,  and  a 
proposed  Internet  Engineering 
Task  Force  filtering  standard 
called  Sieve  could  find  a  new 
life  because  of  the  need. 

Percentage  of  organizations  that 
have  deployed  filtering  technologies 
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The  news  that  the  U.S. Senate  had  cut 
all  funding  for  the  Department  of 
Defenses  research  on  its  Terrorism 
Information  Awareness  program.  That  was 
a  good  thing  to  do,  but  I  expect  it  was  a 
futile  gesture.  Maybe  it's  time  to  just  surren¬ 
der  to  the  inevitable  and  start  planning  for 
a  life  of  transparency,  for  the  people  if  not 
for  the  government. 

The  signs  are  all  around  us.  TIA,  which 
used  to  be  known  by  a  name  that  far  better 
described  its  purpose:  Total  Information 
Awareness,  is  only  the  most  public  of  the 
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signs.  This  program  was  envisioned  as 
being  able  to  gather  all  the  information 
available  on  everyone  in  the  world.  Well, 
actually  not  everyone  —  much  of  the 
world’s  population  does  not  get  anywhere 
close  to  the  kind  of  electronic  system  that 
TIA  would  get  its  data  from. 

The  asserted  rationale  of  discovering  ter¬ 
rorists  is  so  transparently  absurd  that  one  is 
left  with  the  inescapable  conclusion  that 
the  real  purpose  is  to  create  a  detailed 
electronic  history  of  everyone  they  can. 

Tying  together  every  sort  of  electronic  tid¬ 
bit  you  leave  behind  when  you  do  any¬ 
thing  these  days  with  the  about-to-be- 
omnipresent  radio  frequency  identifica¬ 
tion  (RFID)  that  will  be  part  of  everything 
you  buy  wear  or  use  will  let  the  govern¬ 
ment  know  on  a  minute-by-minute  basis 
what  you’re  up  to  and  who  you  are  up  to  it 


with.  Toss  in  the  new  airport  scanner  that 
shows  you  in  your  birthday  suit,  and  the 
Mach-3  cam  (see  www.nwfusion.com,  Doc- 
Finder:  6929)  and  its  cousins,  and  the  gov¬ 
ernment  will  know  much  more  about  you 
than  you  do.  I,  for  one,  tend  to  forget  where 
1  was  at  a  particular  time  of  day  a  week  or  a 
month  back.  It  would  be  wonderful  to  have 
this  memory  aid,but  I  suppose  they  will  not 
let  me  see  my  own  record  so  I’ll  have  to 
make  due  with  my  mess  of  neurons. 

I  suppose  the  next  step  will  be  to  add 
miniature  microphones  to  the  RFIDs  so  the 
government  could  listen  in  on  your  plot¬ 
ting  to  violate  the  “Keep  off  the  grass”  signs. 

I  admit  that  this  would  be  a  boon  to  a  gov¬ 
ernment.  Society  would  be  much  safer  if 
the  government  simply  could  push  a  but¬ 
ton  to  find  out  who  was  last  to  be  near  that 
wad  of  discarded  gum. 


www.nwfusion.comj 


But  the  benefits  do  not  stop  at  the  gov¬ 
ernment.  Private  industry  which  is  collect¬ 
ing  most  of  the  information  that  is  planned 
to  go  into  TIA,  would  be  able  to  offer  all 
sorts  of  new  helpful  services.  For  example, 
the  logical  extension  of  the  Mach-3  cam  is 
to  check  to  see  if  you  also  need  Grecian 
Formula  hair  dye  —  a  box  could  leap  into 
your  shopping  basket  if  you  do. 

If  you  have  the  same  feeling  of  control 
that  a  rat  in  a  fully  transparent  maze  does, 
welcome  to  the  club. 

Disclaimer:  Some  Harvard  students  may 
feel  like  they  are  in  a  maze,  but  it’s  far  from 
transparent.  Anyway  the  above  bad  dream 
is  my  own  (I  hope). 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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to  put  the  agent,  log  on  via  a  Web  browser, 
download  and  install,  and  we  are  done. 
There  is  no  configuration  or  rebooting  or 
crashing  servers  or  reloading  network 
equipment,”  he  says. 

Server  software,  which  BMC  calls  the  ser¬ 
vice  integration  portal,  is  installed  on  a 
dedicated  server.  From  there,  network 
managers  configure  and  distribute  remote 
service  monitors,  or  software  agents  that 
reside  on  shared  and  dedicated  servers. 
Patrol  Express  3.0  does  not  require  users  to 
deploy  agents  on  each  device  they  want  to 
manage.  One  instance  of  the  service  inte¬ 


gration  portal  can  handle  up  to  500  man¬ 
aged  nodes.  The  remote  service  monitors 
then  use  more  than  1,700  protocols  to  poll 
network  devices,  servers,  operating  sys¬ 
tems,  databases  and  applications  for  per¬ 
formance  and  availability  metrics. 

Customers  can  use  the  service  integra¬ 
tion  portal  as  their  main  management  con- 
sole.The  software  also  lets  individual  users, 
executives  and  departments  create  person¬ 
alized  portals,  which  will  give  them  access 
to  and  deliver  only  the  information  perti¬ 
nent  to  the  network  devices  that  support 
them  directly 

The  software  also  is  available  as  a  service 
from  BMC,  in  which  customers  would  log 
on  to  BMC’s  service  integration  portal  and 


download  remote  service  monitors  to 
manage  parts  of  their  network.They  would 
then  log  onto  the  portal  to  receive  reports. 

Patrol  Express  3.0  costs  $15,000  for  the 
service  integration  portal  software,  which 
can  manage  up  to  500  network  elements. 
For  more  coverage,  customers  can  pur¬ 
chase  additional  software  to  monitor  oper¬ 
ating  systems  for  $400,  applications  for  $800 


Spam 

continued  from  page  21 

away  on  vacation. 

He  also  says  Sieve  remains  a  good  part¬ 
ner  for  email  servers  based  on  Internet 
Message  Access  Protocol,  which  store  mes¬ 
sages  on  the  server  where  Sieve  scripts  can 
be  executed  for  users  who  access  mail 
from  multiple  clients. 

Showalter  says  Sieve  wasn’t  designed  to 
solve  the  deluge  of  spam,  which  was  only  a 
trickle  when  he  wrote  the  standard  in  the 
late-1990s.  But  some  vendors  have  modi¬ 
fied  Sieve  for  use  with  their  anti-spam 
engines  to  the  surprise  of  Showalter. 

Secure  messaging  vendor  Vircom  has  en¬ 
hanced  the  Sieve  language  and  made  it  the 
foundation  of  its  ModusSieve  anti-spam 
engine,  which  it  markets  to  ISPs  and  some 
corporations.  Over  the  past  year,  the  com¬ 
pany  says  it  has  developed  13,000  lines  of 
Sieve  scripts,  which  are  updated  around 
the  clock  and  augmented  by  scripts  from 
Vircom  customers  who  have  formed  the 
Vircom  Anti-Spam  Coalition. 

“We  are  using  Sieve  in  an  unconvention¬ 
al  manner’’  says  Daniel  Roy,  product  man¬ 
ager  for  ModusSieve.  “We  use  it  to  work  at 
the  gateway  level  before  messages  reach 
the  mail  server”  Roy  says  what  is  important 
is  the  sharing  of  scripts.  “Sieve  is  an  adap¬ 
tive  tool.  We  can  quickly  modify  scripts  to 
react  to  spammers  and  share  those  scripts 
throughout  the  coalition.” 

Sieve  also  is  supported  in  products  such 
as  Brightmail’s  Anti-Spam  engine. 

“Our  goal  with  Sieve  is  to  give  customers 
the  ability  to  write  custom  scripts  for  our 


and  network  devices  for  $100  per  device. 

The  monitoring  features  of  the  software 
also  are  available  as  a  hosted  service  from 
BMC.  The  annual  subscription  fee  for  the 
service  is  based  on  the  number  of  operat¬ 
ing  systems,  applications  and  devices  to  be 
monitored.  Operating  systems  cost  $720, 
applications  cost  $1,440  and  network 
devices  costs  $180  per  device.  ■ 


platform,”  says  Ken  Schneider,  CTO  of 
Brightmail.  But  Schneider  says  Sieve  is  not 
a  fundamental  part  of  Brightmail’s  anti¬ 
spam  engine.  Instead,  it  solves  more  site-  or 
platform-specific  issues,  such  as  blocking 
certain  attachments. 

Rockliffe,  which  has  implemented  Sieve 
in  the  Web-mail  interface  of  its  MailSite 
Express  messaging  server,  will  use  Sieve  in 
anti-spam  filtering  that  it  plans  to  release  in 
August.  The  product  incorporates  a  policy 
editor  from  ActiveState’s  PureMessage  anti¬ 
spam  software. The  Sieve-based  policy  edi¬ 
tor  has  a  GUI  interface  to  mask  the  com¬ 
plexity  of  Sieve  scripting. 

“We  think  Sieve  will  be  great  for  creating 
controls  so  users  don’t  have  to  deal  with 
junk,”  says  Andrew  Lochart,  vice  president 
of  marketing  for  Rockliffe. 

While  Vircom,  Brightmail,  ActiveState 
and  Rockliffe  have  applied  Sieve  to  spam 
tools,  they  aren’t  the  only  ones  to  adopt 
the  standard.  A  handful  of  products  sup¬ 
port  Sieve,  including  Sun  One  Messaging 
Server,  Critical  Path's  Messaging  Server, 
Sendmail’s  Advanced  Message  Server  and 
Cyrusoft  International’s  Mulberry  Internet 
mail  client. 

Users  see  the  benefits  and  the  limitations. 

“Sieve  is  effective  for  where  we  are  right 
now  with  400  users,”  says  Terry  Lockwood, 
manager  of  IT  for  J&J  Industries,  a  carpet 
manufacturer  in  Dalton, Ga.  Lockwood  and 
his  IT  staff  have  been  writing  Sieve  scripts 
for  their  Rockliffe  mail  server  for  more  than 
a  year  to  block  spam  and  viruses.“!f  we  had 
6,000  users  we  may  look  for  another  way  to 
filter  spam  and  viruses,  but  now  the  deci¬ 
sion  is  based  on  economics.”  ■ 


Express  iitformatiofi 

BMC’s  Patrol  Express  uses  agentless  monitoring  technology  that 
helps  customers  manage  remote  offices  or  specfic  departments 
company. 
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O  Network  managers  download 
BMC’;,  Pstrol  Express  and  use 
Its  ■■  orvlce  mtegttkan  portal 
to  distribute  and  configure 
remote  service  monitors 
across  datable.-.  Web  and 
application  servers. 


0  Remote  service  monitors  can  be 
shared  among  departments  or 
dedicated  to  a  specific  group.  The 
software  uses  more  than  1,700 
protocols  to  poll  network 
elements  and  monitor  perform  ¬ 
ance  and  availability. 


0  Patrol  Express’  multi-tenancy 
support  lets  customers  view  their 
own  environments.  For  example, 
three  business  units  using  one 
instance  of  the  service  integration 
portal  could  monitor  their  own 
separate  environments. 


See  What’s 
Really 
Happening 
On  Your 
N  et  wo  r  k . 

Compuware  can  help.  With  Vantage,  network  managers  can  spot 
which  applications  are  consuming  the  most  bandwidth  and  which 
users  are  generating  the  most  traffic.  Also,  by  measuring  response 
times  and  link  utilization.  Vantage  is  able  to  provide  essential 

WAN  provisioning  information. 


Get  the  complete  picture  of  your  WAN  usage  with  Vantage. 

Learn  how  to  get  the  data  you  need  to  make  informed  utilization 
decisions  by  downloading  our  free  white  paper,  “Taking  Control  of 

Your  Bandwidth,”  found  on  offers.compuware.com 
Enter  offer  code:  3081X8 
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Special  Focus 

SOFTWARE:  Fixing  problems. 

Patch  management  burdens  customers 


■  BY  ELLEN  MESSMER 

When  it  conies  to  patch  management, there’s  no 
one-size-fits-all  approach  to  doing  a  job  no  one 
wants  to  do:  update  software  for  new  features,  or 
the  more  troubling  task,  fixing  a  security  hole  before  a 
hacker  or  computer  worm  finds  it. 

By  all  accounts,  patching  software  is  a  disruptivedime¬ 
consuming  process  requiring  IT  departments  to  test  any 
new  software  patch  before  applying  it, scheduling  down¬ 
time  for  machines  to  apply  the  patch  and  ensuring  it 
doesn’t  “break”  applications.  Patching  for  security  pur¬ 
poses  also  means  managers  have  to  be  on  constant  alert 
for  news  of  any  new  holes  found  in  vendor  products.This 
thankless  task  monopolizes  large  chunks  of  IT  staff  time, 
in  spite  of  a  growing  array  of  products  and  services  that 
can  track  machines  that  need  patches  and  automate 
patch  downloads  from  vendor  sites. 

At  any  rate,  many  organizations  say  they  don’t  need 
commercial  patch-management  products  to  do  the  job. 

“We  have  our  own  system  for  this,”  says  Anthony  Mc¬ 
Bride,  IT  network  security  analyst  at  financial  services 
firm  Principal  Financial  Group  in  Des  Moines,  Iowa.“It’s  a 
homemade  system  with  a  database  of  the  server  and 
applications  we  use  for  Windows,  Solaris  and  Linux  and 
what’s  been  patched.  And  we  monitor  a  list  of  open 
sources,  like  BugTrak.for  information.” 

Because  there  are  so  many  patches  released  by  ven¬ 
dors,  Principal  Financial  Group  evaluates  each  one 
according  to  a  risk  category  to  determine  which  need  to 
be  applied  immediately  and  which  can  wait  for  the  next 
quarterly  scheduled  software  maintenance.“You  have  to 
weigh  the  risk,  and  get  into  a  lab  and  test  that  patch,” 
McBride  says. 

Commercial  patch  management  products  can  either 
be  stand-alone  patch  products  like  those  from  BigFix, 
PatchLink,  St.  Bernard  Software  and  Shavlik  Technol¬ 
ogies,  or  the  patch  component  of  systems  management 
products  from  ConfigureSoft,  Ecora,  IBM  Tivoli  and 
LAN  Desk  Software. 

In  any  event,  the  idea  of  deferring  patching  based  on 
risk  is  a  common  practice,  according  to  network  execu- 
tives.That's  because  the  number  of  vendor  patch  releases 
is  skyrocketing  as  the  number  of  newly  discovered  vul¬ 
nerabilities  increases  dramatically 
“The  number  of  software  vulnerabilities  has  doubled 
every  year  since  1999,” says  Casey  Dunlevy  manager  of  the 
CERT  Analysis  Center  at  Carnegie-Mellon  University  which 
tracks  this  data  as  part  of  its  ongoing  effort  in  issuing  the 
closely  watched  CERT  security  alerts. 

“Last  year  it  was  4,200  different  vulnerabilities  in  soft¬ 
ware  products,  the  year  before  it  was  2, 100,”  Dunlevy  says. 
“And  it  looks  like  we’ll  double  it  again  this  year!’ 

In  organizations  where  Microsoft  server  and  desktop 
products  predominate,  there’s  frustration  that  Microsoft 
hasn’t  made  the  patch  management  job  easier. 

“We  need  to  put  pressure  on  companies  like  Microsoft 
to  build  security  in  as  a  requirement," says  Steve  Mal- 
phrus.CIO  at  the  Board  of  Governors  and  director  of 
management  at  the  Federal  Reserve  System.  Malphrus 
expressed  dismay  about  Microsoft’s  all-too-steady  stream 
of  software  patches.The  Federal  Reserve  doesn't  use  com¬ 
mercial  patch  management  products,  but  the  staff  moni¬ 


tors  vendors  directly  and  patches  according  to  risk  when 
a  new  vulnerability  is  discovered. 

Microsoft  offers  three  basic  ways  to  patch  its  own  server 
and  desktop  applications:  through  its  Server  Management 
System  (SMS)  console  for  pushing  software  updates;  via 
System  Update  Services,  which  lets  the  desktop  “call 
home”  to  the  Microsoft  Web  site  for  patches;  and  through 
the  Microsoft  Baseline  Security  Analyzer,  a  free  online 
tool  for  vulnerability  assessment. 
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The  many  paths  to  patch  management 

•  Do  it  yourself. 

Keep  track  of  server  and  desktop  versions  and  latest 
patches  in  a  database. 

Pros  and  cons:  Can  be  seen  as  less  expensive  than 
buying  patch  management  software,  but  might  entail 
extra  labor  in  terms  of  maintaining  own  application 
or  monitorng  for  security  alerts. 

•  Buy  it. 

Use  a  systems  management  package  that  includes  a 
patch-update  component. 

Pros  and  cons:  Ensures  patches  are  an  integral  part 
of  the  overall  computer  inventory  and  configuration 
process,  but  can  be  more  expensive  than  just  buying 
a  patch  management  point  product.  Also,  unless  the 
package  includes  specific  security  alerts,  you  might 
need  to  look  elsewhere  for  this. 

•  Employ  tools. 

Use  a  stand-alone  patch  management  tool. 

Pros  and  cons:  Might  be  less  expensive  than  a 
systems  management  package,  but  needs  close  eval¬ 
uation  because  products  differ  widely  in  the  applica¬ 
tions  and  operating  systems  they  support  and  also 
whether  they  are  "agentless”  or  "agent-based” 
software.  Products  are  changing  rapidly  in  terms  of 
the  degrees  of  automating  the  patch  process. 
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But  customers  generally  aren’t  impressed  with 
Microsoft’s  tools.  Microsoft’s  separate  software  teams  for 
operating  systems  and  applications  churn  out  patches  dif¬ 
ferently,  so  there’s  no  consistency  in  how  they’re  to  be 
applied  or  how  the  patch  is  identified.  Some  customers 
say  they  have  had  rough  experiences  using  SMS  for  patch 
management. 

“We  tried  SMS  but  just  couldn't  get  it  to  work,” says 
Denny  Cannon,  PC  specialist  at  Farm  Credit  Services  of 
America  in  Omaha,  Nebraska.“SMS  wouldn’t  apply  the 
patches  at  the  right  time  when  we  wanted  it  to. When  we 
called  Microsoft,  they  just  said, “Well,  that’s  SMS  time.  It 
does  it  when  it’s  ready  to,  when  it  doesn’t  see  traffic  on 
the  network.’” 

FCSA  instead  is  relying  on  the  LANDesk  Management 
Suite,  which  keeps  track  of  the  software  installed  on  the 
organization’s  950  desktops  and  150  servers  —  all  Micro¬ 
soft  —  for  patching. 

At  present,  FCSA  manually  has  to  find  the  right  patch  at 
a  vendor  site  and  download  it  to  distribute  it  via  LAN¬ 
Desk  to  the  right  machines.  But  by  year-end,  LANDesk, 


which  supports  Windows,  Unix,  Linux  and  Macintosh,  will 
add  vulnerability  assessment  to  its  suite  to  scan  for  patch 
needs  and  automate  the  patch-download  process  as  part 
of  a  new  security  service. 

IT  managers  say  complete  automation  to  instantly 
download  a  new  patch  and  distribute  it  would  be  the 
ideal,  but  experience  leads  them  to  believe  it  carries  too 
much  risk  because  patches  can  cause  unexpected  dis¬ 
ruptions  in  applications. 

“I  haven’t  found  any  tool  yet  that  I’d  be  comfortable 
with  to  allow  complete  automation  of  patch  manage 
ment,”says  Garett  Redelings,  systems  administrator  at  Bio- 
RAD  Laboratories  in  Hercules,  Calif.  The  lab  uses  St. 
Bernard  UpdateExpert  to  get  word  of  new  patches  and 
have  them  downloaded  and  pushed  out  to  20  Windows 
servers  and  1 20  workstations. 

Redelings  tests  every  patch  first  because  he’s  found 
that  Microsoft  patches  might  work  fine  with  Microsoft 
applications  but  can  cause  non-Microsoft  applications 
to  shut  down. 

Time-Warner  Cable  in  Raleigh,  N.C.,  uses  the  Security 
Update  component  in  ConfigureSoft  Enterprise  Config¬ 
uration  Manager  software  to  tackle  the  patch  process. 
George  Geddis.the  IT  department  business  analyst  there, 
says  procedures  and  policies  need  to  be  in  place  for 
patch  management  because  some  patches,  particularly 
from  Microsoft,  don’t  work  correctly  when  first  issued. 

Some  patches  also  “undo”  the  effect  of  patches  applied 
before.“Unless  you  take  the  time  to  do  regressive  testing, 
you  could  find  new  problems,”  Geddis  says. 

“I’m  not  a  big  fan  of  automated  patch  updates  because 
it  can  break  applications,” says  Pete  White,  security  archi¬ 
tect  at  M.D.  Anderson  Cancer  Center  at  the  University  of 
Texas  in  Houston,  which  has  a  mixed  server  environment 
of  Windows,  Linux  and  Solaris.“Microsoft  is  not  known  for 
getting  the  patch  right  the  first  time.” 

The  hospital  has  deployed  host-based  software  from 
Symantec  called  Enterprise  Security  Manager  across  200 
servers  to  enforce  security  policy,  and  White  says  the 
ability  of  ESM  to  take  a  “snapshot”  of  each  server  gives 
him  a  way  to  keep  track  of  what  needs  patching.The 
hospital  also  uses  the  Symantec  DeepSight  Alert  Service 
to  get  notification  of  vulnerabilities  that  might  necessi¬ 
tate  an  immediate  patch. 

Although  managers  remain  wary  of  automated  patch 
installation, some  patch  management  vendors  say  they 
are  intent  on  providing  automation  as  an  option. 

In  the  fall  Shavlik  Technologies  plans  to  release  an  auto¬ 
matic  patch  management  agent  for  Microsoft  desktops 
and  servers.  Shavlik,  which  currently  targets  only  Micro¬ 
soft  products,  plans  to  expand  support  to  include  Oracle 
and  Apache. 

A  growing  number  of  IT  managers  say  patching,  espe¬ 
cially  to  fix  security  holes,  isn’t  a  tenable  process  and  that 
new  approaches  are  needed. 

“You  hold  your  breath  when  you’re  applying  patches 
to  see  if  they're  breaking  anything,” says  Eric  Beasley, 
senior  network  administrator  at  Baker  Hill  in 
Indianapolis,  which  provides  hosted  loan-processing 
applications  for  the  banking  industry.“We  handle  patch¬ 
ing  at  the  service-pack  level,  not  the  hot-fix  level.  Patches 
have  to  be  done  in  a  specific  order  or  you  can  undo 
some  of  the  patches  from  before."  ■ 
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Sprint  throws  hat  into  Wi-Fi  arena 


■  BY  DENISE  PAPPALARDO 

Sprint  announced  last  week  that  it  will 
offer  Wi-Fi  service  throughout  the  U.S.  to 
give  travelers  another  wireless  option 
when  accessing  the  Internet. 

The  service,  PCS  Wi-Fi  Access,  will  run 
over  a  network  of  2,100  access  points. 
Sprint  is  teaming  with  Wayport  and  Airpath 
to  create  this  network  by  year-end,  the  com¬ 
pany  says.  Partners  will  supply  90%  of  the 
Wi-Fi  hot  spots,  while  Sprint  will  build  the 
balance. 

Sprint  PCS  customers  will  be  able  to  cou¬ 
ple  the  carrier’s  Wi-Fi  service  with  existing 


PCS  Vision  wireless  data  service.  Others 
could  buy  PCS  W-Fi  Access  as  a  stand¬ 
alone  product,  says  Jason  Guesman,  direc¬ 
tor  of  business  marketing  for  Sprint  PCS. 

PCS  Vision  customers  will  be  able  to 
connect  to  the  carriers  digital  mobile  net¬ 
work  or  its  network  of  Wi-Fi  access  points. 
The  carrier  says  its  PCS  Connection 
Manager  software  will  let  users  easily  see 
Wi-Fi  and  wireless  data  PCS  connectivity 
options  on  the  client  software.  Then  the 
user  can  choose  the  most  economical  or 
preferred  method.  For  instance,  users 
might  choose  to  connect  via  Vision,  rather 
than  Wi-Fi,  because  they  are  traveling  in  a 
cab.  They  might  choose  Wi-Fi  if  they  have 
a  layover  and  will  be  stuck  in  the  airport 
for  two  hours. 

This  software  will  be  available  when  the 
service  launches,  Guesman  says. 

Sprint  plans  to  have  800  access  points 
initially,  with  the  remaining  1,300  coming 
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Wi-Fi  growth  predicted 

Users  are  expected  to  adopt  Wi-Fi 
in  droves  by  2005,  increasing  the 
number  of  subscribers. 


SOURCE:  THE  YANKEE  GROUP 
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online  before  year-end. 

“Sprint  obviously  wants  to  position  itself 
as  a  major  Wi-Fi  player,”  says  Roberta 
Wiggins,  an  analyst  at  The  Yankee  Group. 
“They  are  leveraging  roaming  agreements 


to  aggressively  build  out  2,100  access 
points.” 

The  carrier  is  the  third  of  the  largest 
national  service  providers  to  lay  out  its 
plans  for  public  wireless  LAN  support  this 
summer.  AT&T  and  MCI,  legally  known  as 
WorldCom,  launched  their  plans  earlier 
this  month. 

While  Sprint’s  announcement  last 
week  concentrates  on  the  carrier’s  wire¬ 
less  customers,  additional  wireless  to 
land-line  data  service  announcements 
are  expected.  Sprint  said  in  June  that  it 
would  offer  Sprint  PCS  access  to  its  VPN 
and  other  landline  data  services.  Sprint 
wouldn’t  get  more  specific  on  the  timing 
of  its  additional  wireless  data  service 
announcements. 

Sprint  says  pricing  information  for  the 
PCS  Wi-Fi  Access  service  will  be  available 
when  the  service  launches  sometime  in 
the  third  quarter.  ■ 


FiberLink  serves  up  SSL  remote  access 

Provider  to  manage  Neoteris  gear  for  customers. 

■  BY  TIM  GREENE 


■  Verizon  IS  withdrawing  its  opposi¬ 
tion  to  MCl’s  reorganization  plan  in 
exchange  for  a  settlement  in  a  billing 
dispute  between  the  two  service  pro¬ 
viders.  MCI,  legally  known  as  World¬ 
Com,  is  paying  Verizon  $60  million  to 
settle  the  issue,  according  to  a 
motion  filed  with  the  federal  bank¬ 
ruptcy  court.  Although  Verizon  is 
dropping  its  opposition  to  the  carri¬ 
er’s  reorganization  plan,  Verizon  is 
calling  for  stiffer  punishment  for  the 
company's  fraudulent  activities  over 
a  three-year  period.  The  fraud  totaled 
$70  billion.  Verizon's  views  on  MCI 
might  not  have  changed,  but  with 
Verizon's  backing  MCI  is  more  likely 
to  emerge  from  bankruptcy  this  fall, 
as  MCI  executives  have  predicted. 

■  Optical  Ethernet  equipment  vendor 
Africa  recently  announced  that  it 
raised  $17  million  in  a  new  round  of 
funding.  Investors  in  Atrica’s  fourth 
round  of  funding  include  existing  in¬ 
vestors  Accel  Partners,  Ascend  Tech¬ 
nology  Ventures,  Benchmark  Capital, 
Challenge  Fund,  Innovacom,  Gemini 
Israel  Fund,  Investor  Growth  Capital, 
JK&B  Capital  and  St.  Paul  Venture 
Capital,  and  new  investor  Intel  Capi¬ 
tal,  Intel’s  strategic  investment  pro¬ 
gram.  Atrica  says  it  will  use  the  fourth 
round  to  satisfy  worldwide  demand 
for  its  optical  Ethernet  systems,  espe¬ 
cially  in  Asia. 


Next  month,  customers  will  be  able  to 
buy  FiberLink  Internet  remote-access  ser¬ 
vices  that  are  protected  by  Secure  Sockets 
Layer  technology  expanding  the  provider’s 
secure  remote-access  options  beyond  tra¬ 
ditional  IP  Security  VPNs. 

Managed  SSL  Solution  will  give  cus¬ 
tomers  access  to  corporate  networks  via 
the  Internet  from  any  computer  that  has  an 
SSL-enabled  Web  browser,  and  access  will 
be  secured  by  a  server  that  proxies 
between  the  remote  user  and  servers  at 
corporate  sites. 

FiberLink  will  place  Neoteris  Instant 
Virtual  Extranet  (1VE)  proxy  boxes  at  cus¬ 
tomer  sites  and  manage  them.  Remote 
users  will  authenticate  to  the  box  and  be 
granted  access  based  on  policies  preset  by 
the  customer. 

The  service  might  be  attractive  to  support 
employees  who  want  to  work  from  home 
using  their  own  PCs,  says  Prashant  Vaidya, 
IT  manager  for  biotechnology  firm  Qiagen 
in  Valencia,  Calif.  The  firm  has  more  than 
200  users  signed  up  for  FiberLink’s  IPSec 
VPN  service.  With  SSL,  the  company  would 
not  have  to  issue  client  software  to  these 
machines,  avoiding  distribution  and  man¬ 
agement  burden, Vaidya  says. 


In  addition,  the  SSL  service  would  not 
require  any  reconfiguration  of  the  com¬ 
pany  firewall  because  it  uses  only  the  stan¬ 
dard  SSL  port,  which  generally  is  kept 
open,  he  says.  Qiagen  is  considering 
installing  a  new  firewall,  and  integrating  it 
with  the  VPN  service  is  a  factor  Vaidya  says 
he  has  to  consider  in  setting  it  up. 

Dealing  with  clients  for  the  VPN  service 
will  not  be  a  major  chore,  he  says,  because 
FiberLink  will  handle  updates  to  it.  Qiagen 
installed  the  clients  initially,  and  Black  Ice 
personal  firewalls  were  added  to  the  VPN 
service  later. 

Neoteris  has  given  FiberLink  access  to  a 
new  API  it  has  developed  for  its  IVE  soft¬ 
ware  to  be  integrated  with  software  written 
by  business  partners.  In  the  partnership 
with  FiberLink,  the  API  lets  FiberLink  soft¬ 
ware  check  that  the  remote  machine  has 
proper  security  configurations  and  then 
dictate  whether  the  IVE  software  should 
allow  access.  The  configuration  check  is 
already  part  of  FiberLink’s  other  services. 

The  companies  say  they  are  working  on 
software  that  can  place  remote  computers 
into  four  categories  ranging  from  trusted  to 
untrusted  and  to  give  a  different  set  of 
access  rights  to  each  category  So  policies 
could  be  set  that  if  a  single  user  logs  on 
from  a  company-issued  laptop,  he  would 


get  access  to  a  complete  list  of  applica¬ 
tions.  If  the  same  user  logs  on  from  an 
Internet  kiosk,  he  would  get  access  to  a 
much-restricted  set  of  resources. 

SSL  specialist  Aventail  and  remote-access 
service  provider  OpenReach  both  offer 
SSL  remote-access  services,  as  does  AT&T 
by  reselling  Aventail’s  service. 

FiberLink  also  sells  Internet  access,  but  it 
will  not  be  necessary  to  buy  it  in  order  to 
use  the  SSL  service. 

FiberLink  will  start  selling  the  service  next 
month  and  activate  it  in  September.  While 
pricing  has  not  been  set,  the  monthly  fee 
will  be  linked  to  the  number  of  simultane¬ 
ous  users  the  box  will  support.  ■ 


More  online! 


Learn  why  SSL  has  become  the  de  facto  standard  for 
secure  communications  between  end  users  and 
Internet  sites. 
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Service  Providers _ 

In  search  of  elusive  telco  cost  savings 
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How  Do  You  Define  Spam? 


Each  organization  defines  spam  differently  and  has  its  own  unique  email 
policy.  Elron  Software  understands  that  one  size  does  not  fit  all  and  has 
developed  a  customizable,  easy-to-use  anti-spam  and  email  content 
filtering  solution.  Unlike  other  one-dimensional  products  on  the  market. 
Message  Inspector  v4  offers  a  multi-level  email  management  approach. 

Choose  the  right  fit  for  your  organization  —  Call  800-767-6683 
or  visit  wv7w.elronsoftware.com/nospam  to  request  your  FREE 
Message  Inspector  v4  trial  today! 


»e"'  Message  Inspector  v4 

The  Right  Fit  For: 

Controlling  spam 
Protecting  confidential  data 
Reducing  network  congestion 
Maximizing  productivity  &  IT  resources 


Therein  lies  the  catch:  You  probably 
aren’t.  Most  companies  have  found  band¬ 
width  requirements  are  growing  because 
of  new  applications  and  initiatives  such  as 
server  and  data  center  consolidation. 

Unfortunately,  companies  often  don’t 
consider  the  network  impact  of  deploying 
new  apps  or  consolidating  servers  and 
data  centers.  For  example,  server  consoli¬ 
dation  typically  results  in  relocating  a  serv¬ 
er  from  across  the  LAN  to  across  the  WAN. 
That  means  traffic  that  used  to  be  local 
(high-bandwidth,  low-latency  and  virtually 
free)  is  now  long-distance  (low-bandwidth, 
high-latency  and  expensive). 

The  upshot?  Users  see  decreased  per¬ 
formance,  and  network  executives  see 
higher  bills. 

There’s  no  magic  bullet,  but  here  are 
some  guiding  principles  to  reducing  costs 
while  maintaining  or  improving  service: 

Consolidate  multiple  networks.  Com¬ 
panies  often  have  dedicated  networks  for 
particular  traffic  types  (voice,  video,  extra- 
nets  or  legacy  applications).  One  firm  we 
worked  with  had  more  than  30  networks, 
including  dedicated  extranets,  an  X.25  net¬ 
work  that  handled  one  legacy  application, 
and  multiple  voice  and  data  nets.  Try 
integrating  applications  wherever  feasible 
across  a  common  infrastructure,  and  re¬ 
member  that  cost-savings  are  cumulative: 
Combining  voice  and  data  might  not  show 
enough  of  a  savings  to  warrant  revising 
your  network  architecture,  but  toss  video 
into  the  mix, and  the  picture  might  change. 

Use  quality  of  service  and  selective  over¬ 
subscription  to  wring  more  performance 
out  of  existing  links.  On  dedicated  lines 
and  with  most  VPN  technologies  (such  as 
frame  relay)  you’ve  already  paid  for  the 
bandwidth  so  you  might  as  well  utilize  it  as 
much  as  possible.  By  deploying  QoS  at  the 
access  points,  you  can  expedite  the  trans¬ 
fer  of  mission-critical  apps  even  when  the 
WAN  is  congested,  while  saving  the  bulk 
file  transfers  for  slower  periods.  If  you  try 
this,  make  sure  to  benchmark  application 
performance  and  network  utilization  first 
—  then  shoot  for  maintaining  application 
performance  while  increasing  utilization. 

Explore  compression.  Most  of  us  stopped 
thinking  about  compression  back  when  we 
tossed  out  our  V32  bis  modems.  But  com¬ 
pression  is  back,  and  a  new  generation  of 
tools  such  as  the  SR  products  from  Fteribit 
can  increase  effective  bandwidth  up  to  5X, 
according  to  Beribit’s  internal  tests. 

Renegotiate.  Although  rates  have  stopped 
dropping,  if  your  contract  is  at  least  18 
months  old,  you  can  probably  wring  a  few 
concessions  from  your  service  provider  — 
perhaps  by  offering  to  throw  more  of  your 
business  their  way  (But  don’t  lock  yourself 
into  long-term  contracts.) 

Above  all:  don’t  give  up.  There  are  many 
ways  to  save,  if  you  know  where  to  look. 


How  can  I  reduce  network  costs?”  If 
that  question  sounds  familiar, you’re 
not  alone. 

Telecom  rates  are  no  longer  in  freefall. 
The  20%  to  25%  year-over-year  drop  in  rates 


that  we  saw  during  the  mid-to-late  ’90s  has 
vanished.  Rates  now  are  relatively  stable, 
meaning  next  year  you  can  expect  to  pay 
about  what  you  paid  last  year,  assuming 
you’re  consuming  equivalent  services. 
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Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nernertes.com. 
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IPSs  instantly  grant  or  deny  access 


Intrusion-prevention  systems 

HOW  II  WORKS  IPSs  protect  against  network  attacks  by  examining 
packets  and  blocking  malicious  traffic  before  it  can 
go  any  further. 


IPS  engine  Massively  parallel  deep 

inspection  ASICs 
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O  Each  packet  is  ©  Based  on  the  packet  0  All  relevant  filters 
classified  based  classification,  the  relevant  are  applied  in 

on  header  and  filters  are  applied  in  the  parallel  and  if  any 

associated  flow  context  of  the  packet’s  packets  match,  they 

information.  flow  state  information.  are  tagged  as  a  hit. 


O  A  packet  that  resulted  in  a 
hit  is  discarded,  and  its 
related  flow  state  information 
is  updated  to  discard  the  rest 
of  the  flow. 


■  BY  MARC  WILLEBEEK-LEMAIR 

A  surge  of  new  security  vulnerabilities 
has  caused  an  increase  in  sophisticated 
attacks, generated  internally  and  externally, 
that  bypass  traditional  firewalls.  Intrusion- 
prevention  systems  placed  at  the  perimeter 
or  on  internal  network  segments  can  stop 
these  attacks,  providing  a  scalable  front 
line  of  defense  for  vulnerable  unpatched 
or  misconfigured  servers. 

Whereas  intrusion-detection  systems 
monitor  network  traffic  and  send  alerts 
regarding  suspicious  activity,  they  aren’t 
designed  to  block  attacks.  IPSs  thoroughly 
examine  all  packets  that  come  through 
and  make  instant  decisions  on  whether  to 
grant  access  or  block  them. 

An  IPS  is  loaded  with  filters  that  halt 
attacks  against  all  types  of  system  vulnera¬ 
bilities.  When  a  new  vulnerability  is  discov¬ 
ered,  a  filter  is  created  and  added  to  the 
IPS.  Any  malicious  attempt  to  exploit  these 
vulnerabilities  is  blocked  immediately 

IPSs  are  capable  of  total  flow  inspection 
to  detect  all  types  of  attacks  that  exploit 
Layer  2  (media  access  control)  to  Layer  7 
(application)  vulnerabilities.  Traditional 
firewalls  are  limited  to  Layer  3  or  Layer  4 
inspection  and  cannot  detect  attacks  at  the 
application  level  that  are  contained  within 
the  packet  payload. 

The  IPS  packet-processing  engine  is 
based  on  a  set  of  highly  specialized,  cus¬ 
tom  application-specific  integration  cir- 
cuits.Total  inspection  of  every  bit  in  a  pack¬ 
et  is  required.  Deep  packet  inspection 
doesn’t  examine  every  single  byte  in  a  pay- 
load,  so  it  could  miss  attacks. 

Flow  data  inspection  requires  that  the 
payload  of  each  packet  in  a  flow  be 
reassembled.  Then,  the  IPS  device  applies 


filters  to  the  full  context  of  the  flow  every 
time  a  new  packet  for  that  flow  arrives. 

Packets  are  classified  and  fully  inspected 
against  all  relevant  filters  before  being 
allowed  to  exit.  The  classification  is  based 
on  packet  header  information  such  as 
source  and  destination  IP  addresses  and 
ports,  and  application  fields. 

Each  filter  consists  of  a  set  of  rules  defin¬ 
ing  conditions  that  must  be  met  to  ascer¬ 
tain  that  a  packet  or  flow  is  malicious. 
These  rules  can  be  extensive  to  ensure 
accuracy.  When  classifying  traffic,  the 


engine  must  assemble  a  flow  payload  and 
parse  it  into  meaningful  fields  for  contex¬ 
tual  analysis.  For  example, a  buffer  overflow 
attack  could  require  the  engine  to  identify 
the  reference  to  a  buffered  parameter  at 
the  application  layer  and  then  evaluate  its 
characteristics  to  detect  the  attack. 

To  prevent  an  attack  from  reaching  its 
target,  the  instant  a  flow  is  determined  to 
be  malicious  the  latest  packet  is  dropped 
along  with  any  subsequent  packets  belong¬ 
ing  to  the  offending  flow. 

To  detect  traffic  intended  to  exploit  sys¬ 


tem  vulnerabilities,  a  variety  of  filters  is 
required.  Some  attacks  such  as  known 
exploits  can  be  detected  with  specific  sig¬ 
natures  or  pattern-matching  filters.  Others, 
such  as  buffer  overflows,  require  more- 
sophisticated  filters  that  can  be  expressed 
with  rules  that  utilize  protocol-  and  appli¬ 
cation-level  decoders.  Finally,  multi-flow 
attacks  such  as  network  sweeps  and  pack¬ 
et  flooding  require  filters  that  gather  statis¬ 
tics  and  expose  anomalies  over  an  aggre¬ 
gation  of  flows. 

The  filter  engine  combines  pipelined  and 
massively  parallel-processing  hardware  to 
perform  thousands  of  filter  checks  on  each 
packet  simultaneously  Parallel  filter  pro¬ 
cessing  ensures  that  the  packet  continues 
to  move  through  the  system  quickly  regard¬ 
less  of  the  number  of  filters  applied.  This 
hardware  acceleration  is  critical  because 
traditional  software  solutions  must  check 
filters  serially  and  consequently  sacrifice 
performance. 

The  IPS  is  a  transparent  device  and 
becomes  part  of  the  link  it  splices.To  avoid 
becoming  the  weak  link,  the  IPS  is 
equipped  with  intrinsic  redundancy  and 
failover  mechanisms  to  ensure  the  network 
will  continue  to  operate  in  the  event  of  a 
failure. 

In  addition  to  serving  a  front  line  of 
defense,  IPS  is  also  a  network  cleansing 
tool  that  eliminates  malformed  packets 
and  controls  non-mission-critical  applica¬ 
tions  to  protect  bandwidth.  For  example, 
IPSs  have  been  effective  in  stemming  the 
illegal  transfer  of  copyrighted  files  through 
peer-to-peer  file-sharing  applications. 

Willebeek-LeMair  is  CTO  for  TippingPoint 
Technologies.  He  can  be  contacted  at 
marc@tippingpoint.  com. 


Dr.  Internet  By  Steve  Blass 

Are  there  any  open  source  or  shareware  .Net  com¬ 
piler  and  Integrated  Development  Environment 
projects  that  give  alternatives  to  Visual  Studio  .Net 
for  beginning  with  C#  and  .Net  programming? 

You  can  get  the  Microsoft  C#,  C++  and  Visual 
Basic  .Net  compilers  free  by  downloading  the  .Net 
Software  Development  Kit  directly  from  Microsoft. 
This  provides  basic  command-line  development 
capabilities,  and  includes  several  examples  that 


show  how  to  use  each  language  for  part  of  a  pro¬ 
ject  and  then  integrate  the  pieces.  Mono  is  a  CLI- 
compatible  open  source  C#  compiler  for  Linux 
and  other  systems,  available  at  www.nwfusion. 
com,  DocFinder:  6932.  It  can  produce  software 
using  Linux  that  will  run  in  the  Windows  .Net  envi¬ 
ronment.  To  get  an  IDE  to  go  with  the  compiler(s), 
visit  SharpDevelop  at  DocFinder:  6933.  This  is  a 
free  open  source  IDE  for  the  .Net  platform  that 
supports  C#  and  Visual  Basic  software  develop¬ 


ment,  and  includes  a  form  designer  and  basic  XML 
integration  support.  Another  IDE  is  Eclipse 
(DocFinder:  6934),  a  Java  IDE  platform  from  IBM 
and  others.  By  installing  the  Improve  C#  plug-in  at 
DocFinder:  6935  or  the  Eclipse  Project  CDT  plug 
in,  you  can  compile  and  build  .Net  software. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr  internet® 
changeatwork.  com. 
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Technology  Update 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 


A  couple  of  weeks  ago  we  threatened 
to  discuss  Samba,  the  open  source 
freeware  implementation  of  the 
Server  Message  Block  protocol.Well.it  was 
no  idle  threat.  Here  we  go  . . . 

Samba  is  a  remarkable  piece  of  engi¬ 
neering.  It  provides  directory  tree  brows¬ 
ing  and  sharing;  disk,  file  and  printer  shar¬ 
ing;  Windows  Internet  Name  Service 
(WINS)  resolution;  and  Windows  domain 
client  authentication.  It  runs  under  Linux, 
Unix, VMS  and  Mac  OS  X. 

What  is  interesting  is  that  where  high 
performance  is  necessary  Samba  under 
Unix  (which  is  known  to  be  a  very  stable 
and  robust  pairing)  has  been  bench- 
marked  to  outperform  Windows  Server 
2000  on  identical  hardware  by  a  factor  of 
2  to  1 .  It  also  requires  no  client  licenses 
and  is  well-documented.  In  short,  Samba 
is  an  awesome  service  tool  for  heteroge¬ 
neous  networks. 

First,  what  is  Server  Message  Block 
(SMB)? To  answer  this  we  need  to  go  back 


Sharing  with  Samba 


to  1984  when  IBM  released  the  Network 
Basic  Input/Output  System  (NetBIOS)  as 
the  protocol  for  low-level  file  access 
across  IBM  PC  or  Token  Ring  networks. 
We’ll  skip  over  a  chunk  of  history  here 
and  jump  to  1987  when  the  IETF  pub¬ 
lished  RFC  1001  and  1002,  which  defined 
NetBIOS  over  TCP/User  Datagram  Proto¬ 
col  (UDP)  transport,  otherwise  called 
NBT.  NBT  defines  the  naming,  datagram 
service  and  session  service. 

All  of  the  preceding  discussion  of 
NetBIOS  is  important  because  that  is  the 
transport  for  the  exchange  of  SMB  re¬ 
quests  and  responses.  The  SMB  protocol 
was  created  by  IBM  in  1985  for  LAN 
Manager  and  essentially  split  out  the  file 
access  mechanism  from  the  lower-level 
services  NetBIOS. 

And  there’s  isn’t  just  one  version  of  SMB 
(of  course)  —  the  protocol  is  covered  by 
multiple  standards.  The  versions  that  inter¬ 
est  us  most  are  NT  LAN  Manager  0.12  and 
the  Common  Internet  File  System  (which 
Windows  2000  and  XP  use).  Interestingly, all 
versions  of  SMB  are  backward-compatible, 
and  a  single  network  can  support  any  mix 
of  versions  simultaneously 

SMB  servers  are  computers  that  provide 
access  to  resources  —  disk  storage,  files 
and  printers  —  that  can  be  shared  with 


SMB  clients.  And  at  any  given  time  a 
machine  can  be  a  server,  a  client  or  both 
simultaneously. 

Establishing  an  SMB  connection  to  a 
shared  resource  (usually  simply  called  a 
“share”)  is  a  four-step  process:  First,  a 
NetBIOS  session  must  be  negotiated  and 
set  up;  next,  the  SMB  protocol  that  is  to  be 
used  must  be  negotiated;  the  session  para¬ 
meters  must  be  set;  and  finally  a  “tree  con¬ 
nection”  to  the  resource  must  be  made. 

Negotiating  a  NetBIOS  session  requires 
that  computers  first  register  their  name, 
workgroup  and  resource  type  (actually 
each  computer  registers  its  name  multi¬ 
ple  times  —  one  for  each  resource  it 
offers).  Registration  can  be  done  with  a 
NetBIOS  Name  Server  (a  computer  that 
acts  as  a  central  authority  for  NetBIOS 
name  registration  and  resolution)  or  with¬ 
out  (in  which  case  each  computer  is 
responsible  for  reporting  its  IP  address 
when  it  receives  a  broadcast  request  for 
its  NetBIOS  name). 

In  a  Windows  network,  NetBIOS  Name 
Service  is  provided  by  WINS  if  there  is  a 
Win  2000  or  NT  server  available  and  con¬ 
figured  to  provide  WINS.  Now  under  Win¬ 
dows  a  WINS  server  can  be  a  primary 
server  (that  is  the  one  that  is  active)  or  a 
secondary  server  (intended  to  take  over 


www.nwfusion.com ; 


name  serving  if  the  primary  becomes 
unavailable).  Note  that  Windows  WINS 
servers  automatically  synchronize  their 
name  data  regularly. 

While  you  might  assume  that  peer-to-peer 
address  resolution  is  less  efficient  and  gen¬ 
erates  more  traffic,  the  overhead  is  mini¬ 
mal.  On  the  other  hand,  a  centralized 
NetBIOS  Name  Server  is  more  efficient. 
Samba  can  provide  a  primary  WINS  ser¬ 
vice  but  cannot  act  as  a  secondary  WINS 
server  or  provide  synchronization  with  sec¬ 
ondary  Windows  WINS  servers. 

Resource  types  include  the  two 
resources  that  matter  most  to  us:  the 
Standard  Workstation  Service  and  the 
Fileserver  (which  also  can  provide  print 
service).  When  a  name  is  resolved  the 
resource  type  also  is  returned  so  the 
requestor  can  determine  the  target 
machine’s  capabilities. 

There’s  a  lot  more  to  say  about  Net¬ 
BIOS  operations  but  that’s  the  topic  of  a 
separate  column.  For  now,  we’ll  leave  it 
that  a  session  can  be  established  and 
we’re  ready  to  negotiate  the  SMB  proto¬ 
col.  But  you'll  have  to  wait  until  next 
week  for  that. 

Start  you  own  session  with  gearhead@ 
gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Sony  goes  wireless  with  new  Clie  PDA 

Sony  recently  launched  its  latest  Clie  PDA,  the  PEG- 
UX50,  integrating  wireless  LAN  (802.11b)  and  Bluetooth 
technologies.  The  $700  PDA  will  be  available  in 
September,  although  it  can  be  pre-ordered  at  the  compa¬ 
ny’s  Web  site  (www.sonystyle.com/clie).  Sony  also  is 
releasing  a  Bluetooth-only  version  of  the  Clie  (the 
PEG-UX40),  which  will  cost  about  $600. 

The  devices  have  an  integrated 
digital  camera,  voice  re¬ 
corder,  digital 
audio 
player  and 
high-resolu- 
tion  color 
screen  with 
support  for 
landscape  ori¬ 
entation.  It  in¬ 
cludes  the  Net- 
Front  Web  browser 
for  viewing  of  HTML- 
based  WVb  sites. 

The  integrated  Wi-Fi 
on  the  UX-50  also  in¬ 
cludes  a  software  sniffer 
that  detects  Wi-Fi  signals 
and  automatically  sets 


the  connection, Sony  says.The  Clie  includes  a  new  proces¬ 
sor  called  the  Handheld  Engine  that  features  the  compa¬ 
ny’s  Dynamic  Voltage  and  Frequency  Management  tech¬ 
nology  to  maximize  battery  life.  Depending  on  the  appli¬ 
cation,  the  processor  automatically  operates  at  a  frequen¬ 
cy  that  draws  a  minimum  of  power  supply  voltage  by  mon¬ 
itoring  its  operation  speed,  Sony  says.  Other  features 
include  29M  bytes  of  internal  memory  (for  storing  video 
and  other  data  files),  and  a  Memory  Stick  Pro  slot,  which 
supports  Memory  Stick  Pro  and  Memory  Stick  cards. 

Sharp  adds  DVD  burner  to  its  latest  notebook 

Sharp  last  week  announced  enhancements  to  its 
Actius  RD  notebooks.  The  RD20  is  a  desktop-replace¬ 
ment  notebook  that  includes  increased  processor 
speeds,  extra  memory,  upgrades  to  video  processors  and 
memory,  and  a  DVD  burner. 

The  RD20  comes  with  an  Intel  Pentium  4  3.06-GHz 
processor,  512M  bytes  of  DDR  SDRAM  (upgradable  to 
1G  byte),  a  60G-byte  hard  drive  and  an  NVIDIA 
GeForce  4  440  Go  graphics  processor  with  64M  bytes 
of  memory.lt  has  a  15-inch  XGA  (l,024-by-768-pixel) 
LCD  screen  and  a  “one-touch”  button  that  improves 
brightness  for  movie  watching  or  game  playing.The 
lower-brightness  setting  can  be  used  to  run  normal 
office  applications.  The  notebook  also  includes 
Sharp’s  DVD  optimization  software,  sharp-fx,  a 
module  for  the  InterVideo  WinDVD  player  that 
adjusts  image  contrast. 

fe.  The  RD20  features  integrated 
802.11b  wireless  connectivity, 
and  expansion  slots  that 
support  Memory  Stick 
(the  first  non-Sony 

Ir  notebook  with  this), 
Secure  Digital,  Smart- 
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Sharp’s  Actius  RD20 
includes  a  one-touch 
screen  brightener. 


Sony's  new  Clie  PDA  conies 
with  802.11b  and  Bluetooth 
technologies. 


Media  and  Compact  Fash  cards.  It 
also  has  an  i.Link  (IEEE  1394)  port 
and  four  USB  2.0  ports. 

The  unit  starts  at  about 
$2,500,  and  is  available  at 
Sharp’s  Web  site  (http:// 
sharp. smarter 
mall.com). 

Toshiba 

gets  Media-sawy  with 
new  notebooks 

Toshiba  last  week  got  into  the 
17-inch  wide-screen  notebook 
arena  with  its  first  notebook,  which  includes  Windows  XP 
Media  Center  Edition.  The  Satellite  P25-S607  includes  a 
wide-screen  display  with  l,440-by-900-pixel  resolution, 
and  can  record  television. 

The  notebook  also  has  integrated  wireless  capabilities, 
and  802.11a  and  802.11b  are  supported.  It  includes 
Toshiba’s  ConfigFree  software,  which  aims  to  make  man¬ 
aging  wireless  connections  easier. 

The  P25-S607  includes  an  Intel  Pentium  4  processor 
(2.8  GHz)  with  Intel’s  Hyper-Threading  Technology, 
512M  bytes  of  RAM  (expandable  to  2G  bytes),  60G 
bytes  of  hard  drive  space,  a  DVD  multi-drive,  NVIDIA 
GeForce  FX  Go5200  graphics  card  with  64M  bytes  of 
memory  and  a  Harman  Kardon  sound  system.  Ex¬ 
pansion  slots  include  a  Secure  Digital  slot,  i.Link  (IEEE 
1394)  port,  four  USB  2.0  ports,  integrated  TV  tuner,  V.92 
modem  port,  10/100  Ethernet  port,  S-Video  TV  output 
and  infrared  ports  that  include  an  optional  Toshiba 
remote  control. 

The  notebook  is  expected  early  next  month  for  about 
$2,700.Go  to  Toshiba’s  Web  site  (www.shoptoshiba.corn) 
for  more  details. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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I  want 


I  want 


a  VPN 


a  VPN 


that  expands 


with  the 


our  reach 


flexibility  to 
incorporate 
new  technology. 


and  reduces 


our  budget. 


We  want  network  intelligence. 

Together,  from  one  company. 


- 

MCI 


An  MCI  VPN  has  intelligence  built  right  in.  It  gives  you  the  power  to 
blend  private  and  public  networks  securely  and  seamlessly,  so  you  can 
add  capabilities  like  remote  access  without  investing  in  an  entirely  new 
infrastructure.  Whether  you  manage  your  VPN  or  MCI  does,  you  can 
always  access  our  extraordinary  range  of  cost-effective  services  and 
technology.  Together,  we  can  expand  your  network  capabilities  the  only 
way  we  know  how:  intelligently.  To  get  your  MCI  VPN  solution  now. 
call  1  888  886  3844  or  go  to  www.mci.com/go/online/vpn 
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IBM  recommends  Microsoft®  Windows®  XP  Professional  for  Business. 


Warranty  Information:  For  a  copy  ot  applicable  product  warranties,  write  to:  Warranty  Information.  P.0.  Box  12195.  RTP,  NC  27709,  Attn:  Dept  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services  ‘Prices  do  not  include  tax  or  shipping 
and  are  subject  to  change  without  notice  Reseller  prices  may  vary  Public  access  not  available  in  all  areas.  Access  fees  may  apply.  'Requires  download  of  client  software.  'Based  on  IEEE  802.11b.  This  wireless  LAN  product  has  been  designed  to  permit  legal  operation  worldwide  in 
regions  in  which  it  is  approved  Operation  on  channels  12-14  is  not  permitted  in  all  regulatory  regions  of  the  world  Consequently,  the  wireless  LAN  feature  is  limited  to  operate  on  channels  1-11  and  will  not  support  channels  12. 13  and  14.  This  product  has  been  tested  and  certified 
to  be  inter  operable  by  the  Wireless  Ethernet  Compatibility  Alliance  and  is  authorized  to  carry  the  Wi-Fi  logo.  ‘For  ThinkPad  and  NetVista  models  without  a  separate  video  card,  memory  supports  both  system  and  video.  Accessible  system  memory  may  be  up  to  64MB  less  than  the 
amount  stated  depending  on  video  mode  GB  =  1.000.000,000  bytes  when  referring  to  storage  capacity.  Accessible  capacity  is  less;  up  to  3GB  is  used  in  service  partition  ‘These  model  numbers  achieved  eTesting  Labs.  Inc.'s  BatteryMark'“  4  01  or  the  Ziff  Davis  Media,  Inc  s 
Business  WmsL  .  2002  BatteryMark  Version  10  Battery  Rundown  Time  of  at  least  the  time  shown  This  test  was  performed  without  independent  verification  by  the  VeriTest  testing  division  of  Lionbridge  Technologies.  Inc.  ("VeriTesf)  or  Ziff  Davis  Media.  Inc  ;  neither  Ziff  Davis 
Media  Inc  nor  Ver  -st  makes  any  representations  or  warranties  as  to  these  test  results.  Winstone  is  a  registered  trademark  and  BatteryMark  is  a  trademark  of  Ziff  Davis  Publishing  Holdings.  Inc.,  in  the  U  S.  and  other  countries.  A  description  of  the  environment  under  which  the 
test  was  performed  is  available  at  ibm  com.'pc/ww/thinkpad'banerytite  Battery  life  (and  recharge  times)  will  vary  based  on  many  factors  including  screen  brightness,  applications,  features,  power  management,  battery  conditioning  and  other  customer  preferences.  Includes  battery 
and  optional  travel  be.  -  nstead  ot  standard  optical  drive  in  Ultrabay  bay.  if  applicable:  weight  may  vary  due  to  vendor  components,  manufacturing  process  and  options.  Thinness  may  vary  at  certain  points  on  the  system.  *Some  software  may  differ  from  its  retail  version  (if  available) 
and  may  not  include  user  manuals  or  all  program  functionality  Sotiware  license  agreements  may  apply  ’Telephone  support  may  be  subject  to  additional  charges.  If  a  machine  is  listed  as  having  "Onsite  service  for  select  repairs’  or  "Limited  onsite  service"  this  means  that  onsite 
service  is  available  only  tor  the  replacement  ot  select  parts  For  all  other  warranty  repairs.  IBM  will  provide  the  customer  a  replacement  part  for  customer  installation.  The  parts  for  which  onsite  service  is  available  varies  by  machine,  but  may  include  the  processor,  power  supply. 


Take  off  to  parts  unknown  with  an  IBM  ThinkPad®  wireless  notebook. 
The  world’s  easiest  way  to  switch  between  wired  and  wireless. 


Wherever  you  want  to  work,  the  sky  is  the  limit  when  you  have  IBM  ThinkPad 
notebooks  with  Access  Connections  software  and  wireless  Intel®  Centrino™  mobile 
technology  (on  select  models).  Now  it’s  easier  than  ever  to  switch  between  wired  and 
wireless  networks  -  whether  you’re  at  an  airport,  the  office,  an  Internet  cafe,  even 
your  kitchen.'  So  consider  the  IBM  ThinkPad  wireless  notebook,  and  experience  a 
whole  new  level  of  wireless  possibilities,  think  f  rGGClOITI 


1  866  426-3783  I  ibm.com/shop/m191 

Save  on  shipping.  Order  online.11 


NEW!  IBM  ThinkPad  T40 

Distinctive  IBM  Innovations: 

•  Access  Connections  -  easiest  wired  and 
wireless  connectivity 

•  IBM  Embedded  Security  Subsystem  2.0 

System  Features: 

•  Intel  Centrino™  mobile  technology 

-  Intel  Pentium'  M  processor  1.3GHz  supports 
Enhanced  Intel  SpeedStep  technology" 

-  Intel  PRO/Wireless  Network 
Connection  802.11b3 

•  14.1*  XGA  TFT  Display  (1024x768) 

•  256MB  DDR  SDRAM  std/2GB  max- 

•  30GB  hard  drive5 

•  Ultrabay™  Slim  DVD-ROM 

•  6.1 -hr  battery  litef  •  5.6-lb  travel  weight 

•  Microsoft  Windows  XP  Professional8 

•  1-yr  system/battery  limited  warranty" 


$1,599* 


NavCode  2378D2U-M191 


ServicePac1  Service  Upgrade:10 
3-yr  Onsite  Repair/9x5/Next  Business 
Day  Response 
(#30L91 95)  s243 


NEW!  IBM  ThinkPad  R40 

Distinctive  IBM  Innovations: 

•  Access  Connections  -  easiest  wired  arid 
wireless  connectivity 

•  IBM  Embedded  Security  Subsystem  2.0 

System  Features: 

•  Intel  Centrino™  mobile  technology 

-  Intel  Pentium"  M  processor  1  3GHz  supports. 
Enhanced  Intel  SpeedStep  technology 3 

-  Intel  PRO/Wireless  Network 

Connection  802.1  lb3  ,  ;  • 

•  14.1‘  XGA  TFT  Display  (1024x768) 

•  256MB  DDR  SDRAM  std/IGB  max.  -  .  - 

•  20GB  hard  drive  •  _ 

•  Ultrabay  Plus  CD-RW/DVD-ROM  combo  drive-;.'; 

•  6.1 -hr  battery  life  •  5.6-lb  travel  weight 

•  Microsoft  Windows  XP  Professional  ,  ' 

•  1-yr  system/battery  limited  warranty"  - 

*1,399* 

■  NavCode  289723U-M1 91 

ServicePac  Service  Upgrade:10  1 
2-yr  Onsjte  Repair/9x5/Next  Business- ..  ■ 

Day  Response  '  •  .?*■: t 

(03OL9189)  s197  */• 


heatsink,  system  board  or  base  cover.  To  determine  the  complete  list  of  parts  for  which  onsite  service  is  available  for  a  particular  machine,  contact  IBM  IBM  will  attempt  to  diagnose  and  resolve  any  problems  remotely  before  sending  a  replacement  part  or  technician  fr sc.  ..res 
are  available  for  machines  normally  used  for  business,  professional  or  trade  purposes,  rather  than  personal,  family  or  household  purposes.  Not  all  machine  types  and  models  are  covered.  Service  period  begins  with  the  equipment  date  of  purchase  Service  must  be  pur-. : ,  —  :„r,"  . 
the  original  limited  product  warranty  period.  Service  levels  are  response-time  obiectives  and  are  not  guarantees.  A  service  technician  is  scheduled  to  arrive  at  your  location  within  two  or  four  business  hours  or  the  next  business  day  (depending  on  service)  aftsi  remc-;  ^robi  -■ 
determination  is  completed.  For  the  9x5x4-hour  service,  calls  dispatched  after  1 :00  p.m.  local  time,  you  can  expect  the  service  technician  to  arrive  by  the  morning  of  the  next  business  day.  For  noncritical  service  requests,  a  service  technician  will  arrive  by  the  end  of  the  'o  ; 
business  day  It  the  machine  problem  turns  out  to  be  a  Customer  Replaceable  Unit  (CRU),  IBM  will  express  ship  the  part  to  you  for  quick  replacement.  Onsite  24x7x2-hour  service  is  not  available  in  all  locations.  External  peripherals,  such  as  racks,  tape  drives  and  chaui'd  ■  nn.: 
require  their  own,  separate  service  coverage;  they  are  not  covered  under  the  attached  Machine.  Service  activation  is  required  immediately  following  purchase.  For  ThinkPad  notebooks  requiring  LCD  or  other  component  replacement.  IBM  may  choose  to  perform  service  v  the  :• 

repair  center  For  tailing  non-IBM  components,  customer  must  provide  replacement  part  unless  IBM  has  a  Technical  Support  Agreement  with  the  manufacturer.  Service  does  not  cover  accessories,  supply  items  and  certain  parts  such  as  batteries,  frames  am:  covers  'S:.-.i.  f 

shipping  included  when  you  order  online  U.S.  only.  ’’With  Intel  SpeedStep,  processor  speed  may  be  reduced  to  conserve  battery  power.  IBM  reserves  the  right  to  alter  product  offerings  and  specifications  at  any  time,  without  notice  IBM  is  not  respons  cie  for  phctop'  :  .  ,r 

typographic  errors  All  IBM  product  names  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  U.S.  and  other  countries.  Lotus  and  SmartSuite  are  registered  trademarks  of  Lotus  Development  Corporation,  an  IBM  Comoany.  in:  r  '- 
Inside,  the  Intel  Inside  logo.  Celeron,  Intel  Centrino.  the  Intel  Centrino  logo  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  U.S.  and  other  countries.  Microsoft  and  Windows  are  trademarks  or  registered  trademarks  oi  Micrcsr-lt 
Corporation  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  ot  others.  ©  2003  IBM  Corp.  All  rights  reserved. 
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EDITORIAL 

Beth  Schultz 

Looking  for 
innovation 
that  matters 


In  a  scant  four  months  in  late  2001,  insurance  firm 
Royal  &  SunAlliance  USA  upgraded  7,000  Windows 
95  PCs  to  XP  while  simultaneously  rolling  out  Active 
Directory  as  the  core  of  a  new  identity  management  sys¬ 
tem,  switching  to  a  new  software  distribution  server  and 
implementing  self-service  password  management.  In  the 
process,  the  company  saved  $1.5  million. 

The  network  infrastructure  team  at  R&SA  USA  jumped 
through  hoops  to  make  this  $3.2  million  project  a  reality 
—  and  jumped  right  into  the  spotlight  as  our  2002  User 
Excellence  Award  winner. The  project  is  a  great  example 
of  how  innovative  use  of  technology  can  solve  a  business 
problem,  and  then  some. 


NetworkWorid 


No  doubt  many  of  you  have  faced  down  tricky  business 
challenges  by  applying  network  technology  in  inventive 
or  particularly  effective  ways.  And  in  doing  so  maybe 
you’ve  saved  the  company  a  bundle;  drastically  improved 
employee  productivity;  made  it  possible  to  strengthen  ties 
to  customers,  suppliers  and  other  business  partners;  or 
otherwise  improved  corporate  operations. 

If  you  think  your  network  project  is  worthy  of  broad 
recognition  and  deserving  of  the  Network  World  User 
Excellence  honor,  we  encourage  you  to  enter  this  year’s 
competition. Think  about  joining  the  ranks  of  prestigious 
winners  such  as  American  Airlines,  Ford  Motor,  Olsten 
Staffing  Services,  Prudential  Financial,  R&SA  USA  and  the 
many  other  companies  we’ve  recognized  in  the  18  years 
of  this  competition. 

To  enter  your  project  in  the  2003  User  Excellence  Award 
competition,  go  to  NetworkWorid  Fusion  (www.nwfusion 
.com,  DocFinder:  6936)  and  fill  out  a  nomination  form  by 
Aug.  29.  As  always,  we  will  evaluate  submissions  based  on 
the  business  case,  technology  choice  and  core  benefits. 
We  want  to  know  how  your  network  meshes  with  your 
company's  goals  and  how  the  project  contributed  to  the 
organization’s  bottom  line. 

If  you  win,  we’ll  tell  your  story  in  the  Power  Issue,  the 
special  year-end  Network  World  issue  that  publishes 
i  Vc.  22-29.  In  short, you  will  receive  industry  recognition 
for  your  accomplishments.  And  what  could  be  better 

than  that? 

—  Beth  Schultz 
Editor.  Signature  Series 
bschultz@nww.  com 


The  winner:  Ethernet 

Kevin  Tolly’s  column  “Ethernet  at  30”  (www.nwfu 
sion.com,  DocFinder:  6922)  is  a  hoot.  In  it  he  pre¬ 
tends  to  offer  a  stunning  expose  of  the  well-estab¬ 
lished  fact  that  today’s  Ethernet  bears  little  resem¬ 
blance  to  the  first  Ethernet,  which  Dave  Boggs 
and  I  started  building  in  1973. This  fact  is  so  well- 
established  that  it  is  grandly  amplified  in  the 
story  “Ethernet:  It  isn’t  just  for  LANs  anymore” 
(DocFinder:  6923),  only  16  pages  later  in  the 
same  issue. 

Tolly  has  written  a  series  of  columns  over  the  years 
endlessly  defending  various  token  rings,  including 
FDDI’s  and  IBM’s. And  now  when  even  IBM  has  given 
up  on  its  token  ring,  Tolly  drones  on.  His  latest  col¬ 
umn  is  just  more  defensive  gotcha  against  Ethernet. 
Kevin,  wake  up:  Ethernet  has  won. 

Bob  Metcalfe 
Ethernet  inventor 
Boston 

Hatch  and  copyrights 

Regarding  Mark  Gibbs’ column  “Sen.  Hatch  and  the 
record  industry’s  jihad”  (DocFinder:  6924):  While  1 
don’t  download  music,  I  can  see  why  many  people 
do.  It’s  a  classic  case  of  shareware  many  people 
have  grown  up  with.  Add  to  this  mindset  the  viola¬ 
tion  of  Article  1,  Section  8,  Paragraph  8  (limited¬ 
time  copyrights  and  patents)  of  the  U.S. 
Constitution  by  Congress  and  you  can  understand 
why  people  have  no  problem  making  copies  of 
“copyrighted”songs. Sen.  Hatch  ought  to  read  what 
the  Constitution  says  about  copyrights  and 
patents,  and  stop  trying  to  create  perpetual  copy¬ 
rights  and  patents. 

Donald  Laster 
West  Long  Branch,  N.J. 


E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Style  over  substance 

Regarding  “Trade  shows  look  to  lure  buyers,  not  big 
turnouts”  (DocFinder:  6925):  Please,  please  tell  me 
that  cdXpo  Chairman  Jack  Powers’  quote  about 
“some  white  guy  with  a  Power  Point  droning  on”was 
a  misprint  of  some  type.  I’m  all  for  shaking  up  the 
establishment  and  going  out  on  a  limb  to  promote 
your  product,  but  some  of  us  white  guys  prefer  sub¬ 
stance  over  style.  Lotsa  luck  with  your  show;  I’ll  con¬ 
tinue  getting  my  information  from  Comdex. 

Mark  Russell 
IT  analyst 
DSC  Logistics 
Huntersville,  N.C. 

Gates  the  spammer 

I  can’t  understand  why  Network  World  gives  Bill 
Gates  a  halo  and  labels  him  a  spam  fighter  (see 
“The  Good,  the  Bad,  the  Uglyf  June  30,  page  8). 

Microsoft  is  bragging  about  suing  15  spammers, 
but  at  the  same  time  the  company  has  an  army  of 
lawyers  in  Sacramento  fighting  a  tough  California 
anti-spam  bill  (SB12)  introduced  by  State  Senator 
Debra  Bowen.  Bowen  claims  that  “they  [Microsoft] 
don’t  want  to  ban  spam  —  they  want  to  license  it 
and  make  money  from  spammers.” 

Robert  Morrisette 
San  Jose 

Toothy  legislation 

Regarding  “Calif,  breach-disclosure  law  raises  ques¬ 
tions,  concerns”  (DocFinder:  6926):  It’s  about  time 
lawmakers  passed  a  law  with  real  teeth  in  it  that  will 
help  curb  identify  theft  by  forcing  companies  that 
utilize  insecure  products  and  methods  to  be  held 
accountable.  This  will  result  in  a  win-win  situation 
for  everyone. 

Morris  Hood 
Palo  Alto 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  6921 


www.nwfusion.com 
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Security  is  not  a  quilt,  so  let's  patch  less 


By  the  time  you  finish  reading  this  column,  another  alert  will  have 
been  issued  or  new  patch  code  posted  regarding  the  latest  vul¬ 
nerability  that  has  been  deemed  “critical”  by  one  of  your  vendors. 
From  the  moment  new  vulnerabilities  appear,  application  vendors 
work  frantically  to  develop  an  effective  patch,  which  their  customers 
then  rush  to  test  and  implement. This  race  is  repeated  weekly  daily  or 
even  multiple  times  per  day  creating  a  vicious  cycle  in  which  IT  per¬ 
sonnel  spend  too  much  valuable  time  patching  systems. 

Patch-mania  has  spawned  a  group  of  products  that  help  companies 
manage  their  patching  efforts. Unfortunately, by  relying  on  a  patch-man¬ 
agement  system  to  fight  the  vulnerability  battle, you ’re  likely  to  lose  the 
security  war.  I’m  not  implying  that  patch-management  systems  cannot 
be  effective, because  some  are.The  problem  is  the  underlying  approach 
to  security  that  necessitates  these  systems.  (For  more  information  on 
patch  management, see  related  story,  page  24.) 

Today’s  approach  to  patching  is  the  equivalent  of  every  person  in 
the  U.S.  immediately  testing  and  contemplating  an  inoculation  for 
every  known  disease,  without  respect  to  whether  they  are  likely  to  be 
exposed, or  to  the  health  cost  if  they  are  exposed.This  approach  is  not 
only  time-consuming  and  costly,  but  also  nonsensical.  Do  we  really 
need  a  management  system  to  inoculate  every  U.S.  citizen  for 
typhoid?  No.  Humans  are  vulnerable  to  typhoid  and  the  cost  of  infec¬ 
tion  could  be  very  high,  but  the  disease  poses  no  threat  to  most  peo¬ 
ple  living  in  the  U.S. 

Before  patching,  companies  need  to  investigate  not  only  whether 
they  are  vulnerable  to  attack  or  infection,  but  also  the  likelihood  of 


attack  or  infection  (threat)  and  the  resulting  impact  (cost). According 
to  research  conducted  by  TruSecure,  the  average  Global  2000  corpo¬ 
ration  can  reduce  the  number  of  patches  that  are  short-term  con¬ 
cerns  to  less  than  4%  of  those  issued  simply  by  reconfiguring  its  exist¬ 
ing  security  resources  properly  and  taking  a  more  proactive  stance 
on  security  This  means  that  96%  or  more  alerts  and  patches  from  tech¬ 
nology  vendors  are  not  crucial  and  carry  no  near-term  security  risk  to 
most  companies. 

There  are  even  some  instances  where  a  company  is  vulnerable  — 
the  threat  level  and  cost  of  infection  are  high  —  but  patching  still  is 
not  the  answer.  Aggressive  patching  ranked  last  of  the  seven  measures 
that  actually  worked  to  protect  companies  from  the  SQL  Slammer 
worm  that  struck  earlier  this  year.  The  other  six  protective  measures 
were  all  proactive  and  generic  —  and  all  were  much  easier,  less 
expensive  and  more  effective  against  not  only  the  Slammer  worm,  but 
against  the  majority  of  attacks. 

Isn’t  it  time  companies  realize  that  throwing  more  money  and 
resources  at  a  problem  that  is  only  getting  worse  is  not  the  answer? 
Don’t  security  practitioners  understand  that  now’s  the  time  to  take  a 
proactive  stance  and  address  only  vulnerabilities  that  pose  the  great¬ 
est  security  risks?  If  the  answers  to  these  questions  are  “no,”  it  must  be 
time  to  patch  again. 

Tippett  is  CTO  of  TruSecure  and  a  member  of  the  Presidential 
Information  Technology  Advisory  Committee.  He  can  be  reached  at 
ptippett@trusecure.  com. 


Isn't  it  time  com¬ 
panies  realize 
that  throwing 
more  money  at  a 
problem  that  is 
only  getting 
worse  is  not  the 
answer? 


INDUSTRY  COMMENTARY 

Frank  Dzubeck 


It’s  time  to  start  treating  carrier  services  as  a 
public  utility,  similar  to  transportation, 
water  and  electricity  Large  corporations 
expect  that,  like  a  public  utility  their  commu¬ 
nications  transport  will  be  always  on  and 
always  available  to  users.To  get  this  degree  of 
service,  they  pay  for  private  line  or  fiber  con¬ 
nectivity  At  most  two  carriers  —  an  incumbent  local  exchange  carrier 
and  interexchange  carrier  —  supply  a  single  service,  and  testing  is 
largely  automated.  End  users  take  guaranteed  redundancy  and  suffi¬ 
cient  capacity  for  granted  as  part  of  the  carrier  service  offering  and  the 
company’s  internal  infrastructure. 

The  same  is  not  true  in  the  small  and  medium-sized  business  (SMB) 
and  small  office/home  office  (SOHO).  In  these  environments,  carrier 
switched  services,  which  are  only  sometimes  on  and  sometimes  avail¬ 
able,  comprise  the  majority  of  voice  and  data  connectivity. In  this  world, 
three  or  more  carriers  —  ILEC,  ISPIXC  or  competitive  local  exchange 
carrier  (CLEC)  —  can  provide  one  service.  Cost  is  lower,  as  is  the  qual¬ 
ity  and  availability  of  service. 

Most  businesses  are  not  large  companies;  they’re  SMBs  and  SOHOs. 
These  users  get  ulcers  every  day  with  respect  to  service  quality  and 
availability  The  main  problem  is  the  age  and  documentation  level  of 
the  existing  wire-line  plant  within  the  ILEC  and  customer  premises, 
which  makes  wire  replacement  and  repair  a  timeconsuming  night¬ 
mare.  The  second  problem  is  the  lack  of  remote  automated  test  tools 
that  would  help  solve  intercarrier  finger-pointing  problems.  A  third 
problem  is  slow  user  response  time  caused  by  over-subscription  or  lim¬ 
ited  trunk  capacity.  More  carrier  problems  involving  customer  provi¬ 
sioning,  complaint  resolution  and  escalation  procedures  are  rampant. 

When  confronting  carriers  with  these  problems,  we’re  apt  to  be  told 
“You  get  what  you  pay  for  I  can’t  imagine  receiving  such  a  response 
from  a  public  power  company.The  world  of  computing  is  rushing  head¬ 
long  into  on-demand  services. The  world  of  data  communications,  on 
the  other  hand,  is  limping  into  the  world  of  shared  use. 


Carrier  services:  A  public  utility? 


Almost  all  public  utilities  are  regulated  and  serve  the  public  good,  as 
well  as  earn  profits  for  their  shareholders.  Carriers  are  regulated  only 
with  respect  to  data  transport,  not  services,  and  traditional  switched 
voice  services.  In  data  communications  industry  parlance,  a  “service”  is 
a  VPN,  DSL,  Internet  access,  e-mail,  managed  customer  premises  equip¬ 
ment  and, in  the  future,  IP  voice.There’s  the  rub.SMB  and  the  SOHO  cus¬ 
tomers  are  constantly  looking  for  ways  to  decrease  costs,  increase 
throughput  and  outsource  more  responsibility  to  the  carrier.  The  carri¬ 
er  is  looking  for  ways  to  sell  additional  profitable  services  in  a  compet¬ 
itive  marketplace.  The  carrier  has  carte  blanche  to  offer  as  much  or  as 
little  as  necessary  to  meet  minimum  availability  quality  or  support 
requirements.  This  maintains  high  profit  levels  for  services  at  the 
expense  of  customer  satisfaction. 

The  solution  to  these  problems  is  limited  regulation  of  carrier  com¬ 
munications  services.  The  ILECs  would  receive  all  rights  of  ownership, 
including  “pass  through”  wholesale  pricing  of  local  loop  and  premises 
copper.  In  return,  the  ILECs  would  document  and  make  available  for 
review  all  wire-line  use  and  availability,  and  upgrade  the  plant  to  meet 
automated  repair,  capacity  and  sparing  needs. 

Mandatory  carrier  levels  for  quality  availability  and  support,  along 
with  common  escalation,  coordination  and  outage  compensation  pro¬ 
cedures  on  a  service-by-service  basis,  would  need  to  be  set  and  moni¬ 
tored.  Finally  in  order  to  promote  competition  and  avoid  predatory 
marketing  practices,  services  would  become  infrastructure  indepen¬ 
dent  as  layered  options  available  from  the  ILEC,  CLEC,  1XC  or  ISP  over 
commodity  transport. 

Something  must  be  done  soon  to  create  a  pubic  utility  for  communi¬ 
cations  services.  If  not,  the  profit-driven  vision  of  an  interconnected  and 
productive  virtual  community  of  consumers  and  businesses  using  util¬ 
ity-based,  on-demand  resources  will  never  come  to  pass  in  the  U.S. 


The  carrier  has 
carte  blanche 
to  offer  as  much 
or  as  little  as 
necessary  to 
meet  minimum 
availability,  qual¬ 
ity  or  support 
requirements. 


Dzubeck  is  president  of  Communications  Network  Architects,  an 
industry  analysis  firm  in  Washington,  D.C.  He  can  be  reached  at 
fdzubeck@commnetarch.  com. 
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DOMINANCE 

ARISES 

FROM  GREAT  BUSINESS  DECISIONS 


Enterprise  Management  Associates  is  an  analyst  firm  focused  specifically  on  the  complex  issues  of  managing  IT  technologies.  We  are  advisors 
to  leading  IT  organizations  and  their  suppliers  around  the  world. 

EMA  uncovers  the  truths,  trends  and  challenges  facing  the  IT  community.  Our  technical  insight  is  not  the  only  thing  that  differentiates  us.  You'll 

also  benefit  from: 

LEADING  INDUSTRY  AUTHORITIES  |  GROUND-BREAKING  RESEARCH  |  OPERATIONAL  ASSESSMENTS  |  ADVICE  ON  RFPs,  SLAs  AND  MORE 

Can  you  afford  NOT  to  make  great  business  decisions? 

Visit  us  at  www.enterprisemanagement.com 

2108  55th  Street,  Suite  110,  Boulder,  CO  80301 
Phone:  303  543.9500 

©  Enterprise  Management  Associates,  Inc 
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NetworkWorld 


There’s  more  online  at  Network  World  Fusion 

on  collaborative  workspace  vendors  as  well  as 
Web  conferencing  vendors.  If  you're  looking  to 
install  team  technology,  look  no  further  than  our 
Web  site. 

We’ve  got  information  on  more 
than  30  products,  including: 

Collaborative 
workspaces 


NetworkWorld 


COLLABORATIVE  WORKSPACES 

Working  together  in  virtual  facilities 

■  BY  CHRISTINE  PEREY  AND  TRAVIS  BERKLEY,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

ave  you  ever  tried  working  on  a  project  with  someone  on  another  cam¬ 
pus,  or  in  another  state  or  country?  You  probably  spent  hours  on  the 
phone,  trying  to  describe  what  you  were  looking  at  or  thinking  about.  If 
you  were  lucky,  you  might  have  been  able  to  send  files  through  e-mail. 
Take  heart  —  there  is  a  better  way 


•Advanced  Reality 

•  Application  Security 

•  Documentum 

•  Groove  Networks 

•  iCohere 

•  iManage 

•  Kubi  Software 

•  Microsoft 

•  Open  Text 

•  Welcom 
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Web  conferencing 

•  Akiva 

•  Assemble 

•  AveComm 

•  Cata 

•  Data  Connection 

•  Glance  Networks 

•  Horizon  Live 

•  MeetingZone 

•  Netspoke 

•  VCON 

•  WebDialogs 


Collaborative  workspaces  are  secure, 
virtual  “rooms”  designed  to  enhance  the 
exchange  of  information  among  a  group 
of  workers  (also  known  as  a  team). 
Searching  the  market  has  led  to  the  iden¬ 
tification  of  dozens  of  companies  with  a 
variety  of  products  that  address  the 
opportunity  to  one  degree  or  another 
(see  the  online  Buyer’s  Guide  at  www. 
nwfusion.com,  DocFinder:  6842). 

We  invited  eight  and  completed  test¬ 
ing  on  three  product  suites  that  offer  a 
full  range  of  real  time  and  messaging 
functionality  for  virtual  teams:  Groove 
Networks’  Groove  Client  2.5  and  Enter¬ 
prise  Management  server;  iCohere’s 
Workgroup  Suite  3.1;  and  Docu- 
mentum’s  eRoom  6.0  (Documentum 
announced  Version  7  on  July  21.).  Some 
companies  declined  to  participate  in 
the  review  because  their  products  were 
near  the  end  of  a  product  cycle  and  the 
upcoming  generation  of  solutions  is  sig¬ 
nificantly  different  than  current  com¬ 


mercial  offerings.  The  products  we  test¬ 
ed  have  significant  differences  in  how 
they  address  challenges  facing  mem¬ 
bers  of  a  virtual  workgroup  and  how 
they  help  users  navigate  through  the 
spaces.  While  all  the  tested  products 
offered  a  range  of  functionality  we  gave 
Documentum’s  eRoom  a  Blue  Ribbon 
Award.  We  found  the  product’s  use  of 
icons  and  collapsible  navigation  easy  to 
use,  feature-rich  and  very  responsive. 
From  an  administrative  view,  we  like 
how  the  platform  does  not  require  a  sep¬ 
arate  messaging  server. 

Setting  up  the  systems 

Documentum’s  eRoom  was  by  far  the 
easiest  to  install.The  only  prerequisite  is  a 
fully  patched  Windows  2000  (or  newer) 
Server.  The  only  mark  against  the  system 
as  we  tested  it  is  that  the  Real  Time  Server, 
which  supports  the  collaborative  meeting 
environment,  must  be  installed  on  a  sepa¬ 
rate  Win  2000  server. 


eRoom  6.0 


Company:  Documentum,  (925)  600- 
6800  Price:  $17,000  per  server,  $200 
per  user.  Pros:  Very  easy  to  set  up  and 
configure.  Intuitive  and  flexible  user 
interface.  Cons:Two  separate  servers 
are  needed  for  full  functionality. 


iCohere  Workgroup  Suite  3.1 


Company:  iCohere,  (925)  937-5500 
Price:  Site  license  starts  at  $10,000 
including  50  user  licenses.  Up  to  450 
more  licenses  are  $100  each.  Pros: 
Completely  Web-based;  easy  to  interact 
with  other  users.  Cons:  Needs 
additional  Exchange  mail  server. 


Groove  2.5 


Company:  Groove  Networks,  (978)  720- 
2000  F>rice:  A  bout  $20,000  per  E  nterprise 
Management  server,  $149  per  client  Pros: 
Very  easy  to  be  a  mobile  user  who  is 
intermittently  connected;  easy  to  see 
who  also  is  connected.  Cons:  Somewhat 
limited  in  functionality  and  flexibility. 
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breakdown 

eRoom 

WINNER 

BLUE 

RIBBON 

iCohere 

Groove 

Features  40% 

4  4  [a 

4 

3 

Installation/configuration  25% 

5 

3 

4 

Usability  20% 

4 

4 

4 

Extended-enterprise  support*  15% 

4 

4 

4 

TOTAL  SCORE 

4.25 

3.75 

3.6 

■  Scoring  Key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1:  Consistently  subpar 
‘The  degree  to  which  the  system  supports  multi-enterprise  collaboration. 


Groove’s  Enterprise  Server  was  almost 
as  easy  to  install.  But  in  addition  to 
installing  on  a  Win  2000  Server,  you 
need  to  install  Microsoft  SQLServer 
2000.  As  long  as  the  SQL  server  permis¬ 
sions  are  set  up  correctly,  Groove 
Enterprise  Server  will  install  with  mini¬ 
mum  effort.  Our  only  hitch  was  under¬ 
standing  some  of  the  options  presented, 
most  notably  the  wording  of  Certificate 
Authority  settings. 

While  certainly  not  difficult,  iCohere’s 
Workgroup  Suite  install  required  the 
most  preparation.  In  addition  to  in¬ 
stalling  Win  2000  Server  and  SQLServer 
2000,  you  need  to  install  MacroMedia’s 
ColdFusion  MX  and  Microsoft  Outlook 
2000  (or  newer),  and  enable  Terminal 
Services  and  FTP  access.  ICohere’s  sup¬ 
port  staff  uses  FTP  to  upload  the  instal¬ 
lation  files  and  then  connect  to  your 
server  using  Windows  Terminal  Services. 
The  installation  then  is  completed  for 
you.  The  biggest  drawback  of  this  con¬ 
figuration  is  that  it  requires  membership 
in  a  domain  that  has  Exchange  services 
available  for  the  sole  purpose  of  send¬ 
ing  e-mail.  The  domain  membership  is 
required  to  launch  Outlook  without  a 
password  challenge. 

ICohere  shines  in  the  configuration 
phase,  however.  After  a  member  of 
iCohere’s  staff  remotely  connects  and 
installs  the  system,  it  creates  workspaces 
to  your  specifications  as  part  of  a  stan¬ 
dard  installation.  As  part  of  a  preinstalla¬ 
tion  survey,  you  document  how  many 
workspaces  you  need,  what  functions 
will  be  in  each  room  and  other  details. 
When  iCohere  is  finished,  you  have  a 
complete  set  of  workspaces  ready  for 
use.  While  users  can  be  given  different 
permission  levels  within  a  workspace,  the 
administrator  controls  creating  new 
workspaces. 

Groove  lets  users  create  new  work¬ 
spaces  and  invite  whomever  they  feel  is 
appropriate  to  join.The  roles  of  manager, 
participant  or  guest  can  be  assigned  to 
the  invitees.  Groove  workspaces  contain 
a  default  set  of  features,  such  as  discus¬ 
sion  boards  and  file  transfer  areas.whid 
then  can  be  customized  to  fit  th<  p  : 
pose  of  the  workspace. 

Documentum  calls  its  workspaces 


Review 
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M  How  we  did  it 


Our  tests  involved  using  two  different  hardware  systems  —  for  iCohere  and 
Groove,  we  installed  Windows  2000  Server  and  SQL  Server  2000  on  an  HP 
ProLiant  DL360  G3  server,  with  twin  2.8-GHz  Intel  Xeon  processors,  1G  byte 
of  RAM  and  a  mirrored  36G-byte  disk  array.  The  eRoom  server  was  installed  on  an 
RLX  Technologies  800i  server  blade  running  Windows  Advanced  Server  2000,  with 
an  800-MHz  Mobile  Pentium  III,  1G  byte  of  RAM  and  two  38G-byte  disks. 

For  each  product,  we  created  at  least  two  workspaces.  One  was  used  to  simu¬ 
late  a  coordinated  product  launch,  and  the  other  simulated  an  engineering  project 
group.  Testing  was  held  from  three  different  remote  locations  (Massachusetts, 
Kansas  and  California),  in  addition  to  local  usage. 

Tests  were  conducted  in  four  categories: 

Asset  management  —  create  documents,  use  version  controls,  manage  editing 
process,  create  calendars  and  manage  other  digital  assets  to  store  within  a 
workspace. 

Real-time  communications  —  instant  messaging  and/or  chat,  whiteboard  and 
application  sharing,  online  presence  and  collaboration. 

Non-real-time  communication  —  off-line  editing  and  synchronization,  meeting 
and  process  planning,  workflow,  voting/polling,  threaded  discussions,  and  individ¬ 
ual,  or  group  messaging  and  announcements. 

Information  dissemination  —  Examining  facilitation  tools  during  a  live  (one-to- 
many)  event  and  the  ability  to  retrieve  event  archives  on  demand. 


rooms  —  new  rooms  can  be  populated 
with  objects  from  a  template,  or  a  blank 
room  can  be  created  in  which  you  can 
create  your  own  objects  later.  A  user  with 
permission  can  create  rooms  as  he  sees 
fit, using  those  objects  (tools)  that  best  suit 
his  needs  and  creativity.  Individual  items 
also  may  have  permissions  set  on  them. 
For  example,  a  folder  might  be  created  to 
hold  documents.  Some  users  can  be  given 
the  right  to  read  and  edit,  while  others  can 
only  read.You  also  can  choose  to  hide  the 
folder  from  users  who  get  no  permissions 
within  the  folder. This  detail  in  access  con¬ 
trol  is  one  of  eRoom’s  strengths. 

With  a  Web-based  platform,  there  is  vir¬ 
tually  no  setup  needed  to  join  a  commu¬ 
nity  or  workspace.  A  Web  browser  is  all 


that  is  required  to  get  up  and  running  with 
iCohere  and  eRoom.You  can  supplement 
the  browser  experience  on  eRoom  by 
installing  an  optional  plug-in.  The  plug-in 
gives  members  easy  access  to  project 
downloads  from  a  local  machine,  a  work¬ 
space  preferences  configuration  tool, 
monitoring, a  quick-start  button  on  the  sys¬ 
tem  tray  and  Outlook  synchronization. 

Groove’s  client  is  a  run-time  application 
that  also  integrates  smoothly  with  Out¬ 
look,  but  it  must  be  installed  on  all  team 
members’  systems.  In  contrast  to  the  Web- 
based  systems,  Groove  Workspace  relies 
on  the  client  application,  which  is  only 
compatible  with  Windows-based  systems. 

Both  iCohere’s  Workgroup  Suite  and 
Documentum’s  eRoom  have  password 


protection  for  the  browser-only  user 
(when  running  the  plug-in,  eRoom  will 
remember  the  password).  For  iCohere 
users  who  forget  their  passwords,  a  tem¬ 
porary  password  can  be  e-mailed  to  the 
user.  With  Groove  and  eRoom,  if  a  user  for¬ 
gets  his  password,  a  system  administrator 
needs  to  be  notified. 

Activity  and  asset  management 

Two  major  challenges  that  team  mem¬ 
bers  face  are  managing  time  and  project- 
related  files.  All  three  systems  we  tested 
have  project-  or  space-specific  calendars. 
Groove  and  eRoom  (through  its  optional 
client  plug-in)  support  calendar  synchro¬ 
nization  with  Outlook.  ICohere’s  calendar 
is  Web-based  and  internal  to  the  applica¬ 
tion.  All  three  systems  also  could  reflect 
local  times  for  events  or  deadlines,  per¬ 
mitted  recurring  events,  and  could  issue 
notifications  to  team  members  if  a  calen¬ 
dar  or  project  management  milestone 
changed.  We  also  liked  that  all  three  sys¬ 
tems  could  link  a  calendar  item  to  other 
tools  or  files.  For  example,  a  calendar  item 
in  Groove  can  become  a  link  to  the  meet¬ 
ing  area’s  agenda,  list  of  participants  and 
minutes.  Similarly,  a  calendar  item  in 
eRoom  can  become  the  basis  of  a  poll  or 
vote. 

Keeping  track  of  your  files,  whether  they 
are  documents,  diagrams  or  slide  presen¬ 
tations,  can  be  a  headache  with  e-mail  — 
the  collaborative  spaces  handle  this  issue 
very  well.  Groove’s  client-centric  model 
(all  files  are  replicated  by  the  client  on 
team  members’  hard  drives)  is  well- 
designed  for  a  mobile  worker  who  has  a 
lot  of  storage  space  on  his  notebook.  We 
found  that  Documentum’s  database-cen¬ 
tric  model  offered  the  richest  capabilities 
in  terms  of  asset  management  and  the 
most  elegant  interface  for  viewing  author 
names,  last  change  date  and  the  like.  Both 


iCohere  and  Documentum  have  file 
check-in,  checkout,  review  and  approval 
systems,  and  other  advanced  file-manage¬ 
ment  features  that  are  highly  controllable 
by  the  “owner”  of  the  workspace.  All  three 
systems  provide  file  encryption  for  securi¬ 
ty-sensitive  applications.  Groove  supports 
co-editing  documents  and  synchronized 
navigation  (the  ability  for  the  host  of  a 
space  to  have  all  participants  in  a  meeting 
or  project  space  see  the  host’s  screen  in 
real  time  on  their  screens),  while  iCohere 
offers  this  through  a  third-party  partner 
(for  example,  WebEx  or  PlaceWare). 
Documentum’s  Real  Time  Server  option 
has  file  viewing  and  application  and/or 
desktop  sharing  seamlessly  integrated 
within  eRoom-facilitated  meetings. 

Additional  features 

A  collaborative  workspace  must  have  a 
directory  or  contact  database  to  help 
members  find  or  get  to  know  one  another. 
ICohere  had  the  most  flexible  and  feature- 
rich  approach,  letting  us  post  team  mem¬ 
bers’  photos  or  graphics  (although  we  hit 
a  bump  when  trying  to  upload  a  large 
graphics  file  into  a  profile),  or  even  audio 
files.  Documentum  was  limited  in  its  direc¬ 
tory  information,  but  gives  users  the  ability 
to  modify  everything  but  their  logon 
names.  Groove  places  the  burden  on  the 
system  administrator  to  maintain  a  “cor¬ 
porate”  profile  of  a  user,  but  lets  members 
create  and  self-maintain  additional  “per¬ 
sonal”  profiles.  In  addition  to  a  local  direc¬ 
tory,  Groove  users  can  be  listed  in  a  “glob¬ 
al”  directory  hosted  at  groove.net.  Both 
Documentum  and  Groove  could  leverage 
multiple  Lightweight  Directory  Access 
Protocol  directories  or  Windows  domains. 
However,  Documentum  had  a  feature  that 
was  unique  —  the  ability  to  authenticate 
using  RSA  Security  SecurlD  tokens. We  did 
not  test  this  feature,  as  it  required  addi- 


Collaborate  via  e-mail 


If  your  team  members  think  "collaboration''  means 
hitting  the  "Reply  to  AH"  button,  you  might  want  to 
give  them  a  tool  that  integrates  collaboration  via  their 
favorite  application  —  the  Outlook  or  Lotus  Notes 
client.  Kubi  Software,  which  launched  at  this  year's 
Demo  conference,  has  done  this  with  its  Kubi  Client. 

Kubi  Client  is  a  plug-in  to  Outlook  or  Notes  that  lets 
users  collaborate  in  the  application  they  know  best. 
The  idea  is  that  end  users  will  more  likely  collaborate 
with  team  members  through  their  e-mail  client  than 
through  a  separate  client  application  or  browser  (such 
as  those  in  our  main  story). 

Our  team  of  four  testers  (in  four  different  locations) 
downloaded  Kubi  Client  and  installed  it  on  our  sys¬ 
tems.  Two  testers  used  Outlook  2000  with  their  POP3 
e-mail  accounts;  the  other  two  sites  used  Outlook  in 
conjunction  with  an  Exchange  server. 

Kub;  Client  creates  Kubi  Spaces  that  include  win¬ 
dows  for  discussions,  contacts,  task  lists  and  docu¬ 
ment  storage,  and  a  project  timeline.  Any  team 
member  can  create  a  new  space  (he  becomes  the 


team  leader)  and  invite  other  team  members  to  par¬ 
ticipate.  Any  user  who  doesn’t  have  Kubi  Client 
installed  gets  an  e-mail  with  an  invitation  to  down¬ 
load  a  trial  version. 

Content  that  sits  in  the  Kubi  spaces  stays  on  the 
client  (as  a  personal  .PST  file),  not  on  the  Exchange  or 
Notes  server.  When  new  content  is  added  (such  as  a 
new  document  posted  or  a  new  discussion  post),  the 
system  sends  messages  to  all  the  other  team  mem¬ 
bers,  who  then  see  the  content  refreshed.  When  an 
offline  member  comes  back  online,  Kubi  Client 
searches  for  new  content  and  refreshes  the  informa¬ 
tion  in  his  Kubi  Space. 

Because  Kubi  is  married  to  the  e-mail  system,  your 
happiness  with  Kubi  is  directly  proportional  to  your 
happiness  with  your  e-mail  system.  Our  four  testers 
all  had  different  issues  with  Kubi  Client,  such  as  not 
receiving  invitations  from  team  leaders,  to  a  long 
refresh  period  while  waiting  to  join  a  space.  One 
tester’s  Kubi  Client  kept  shutting  down  periodically, 
and  another  one  had  some  problems  with  the  anti¬ 


spam  filter  connected  to  the  server.  Another  tester 
began  having  other  system  problems  after  Kubi 
installed,  only  to  have  those  problems  vanish  after  she 
uninstalled  the  client. 

Collaborating  via  Kubi  Client  never  fully  took  hold, 
either.  Instead  of  posting  questions/comments  to 
the  Kubi  discussion  boards,  we  all  just  continued  to 
hit  the  Reply  to  All  button  on  our  e-mails.  Even 
though  Kubi  was  integrated  into  the  Outlook  file,  it 
took  a  conscious  effort  to  constantly  check  the  Kubi 
Space  to  see  if  a  new  message  was  there.  For  the 
most  part,  we  still  lived  in  our  in-box.  To  be  fair,  true 
collaboration  never  truly  caught  on  with  the  other 
workspaces  either,  but  we  thought  our  best  chance 
for  collaboration  would  be  in  the  e-mail  system 
itself. 

In  the  end,  we  think  collaborating  via  e-mail  is  valid 
—  once  Kubi  can  get  the  installation/setup  bugs  out 
of  the  way  and  adds  features  such  as  chat  and 
whiteboards. 


—  Keith  Shaw 
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Before  you  deploy 


Categories  and  features  of  collaboration  software  are  blurring  quickly.  The 
term  'collaboration'  has  become  the  new  marketing  catch  phrase,  devoid 
of  meaning  and  dismissed  as  another  fad.  For  this  reason,  we’ll  call  it 
“team  technology." 

You  can  approach  team  technology  from  as  many  directions  as  there  are  people 
who  work.  Workers  can  be  in  the  same  office,  in  different  locations,  teleworkers, 
distributed  teams,  designers,  writers  or  trash  collectors.  The  ability  for  one  appli¬ 
cation  to  work  for  all  the  ways  people  and  teams  work  is  impossible.  Before  you 
deploy,  consider  the  following  key  questions: 

1)  Where  does  your  team  do  most  of  its  work? 

A  far-flung  consulting  team  that  works  all  day  on  airplanes  won't  be  attracted 
to  an  application  service  provider  or  Web-based  product.  Conversely,  a  team  of 
product  designers  working  in  the  same  office  might  be  delighted  by  a  hosted 
service. 

2)  Are  outside  partners  going  to  participate? 

Teaming  with  outside  partners  that  don't  have  the  same  applications  as  your 
company  will  cause  great  frustration.  A  long-time  trusted  partner  working  in  a 
Macintosh  shop  might  not  appreciate  it  when  you  institute  a  PC-based  collabo¬ 
ration  platform.  This  will  lead  to  dual  work  processes  or  a  severed  relationship. 
An  Internet-based  platform  might  not  be  the  best  choice  for  the  way  you  work, 
but  the  ability  to  work  with  partners  might  outweigh  this. 

3)  Are  you  standardized  on  your  technology? 

Many  companies  in  transition  (especially  in  this  economy)  are  not  standardized 
on  an  operating  system.  The  less  standardized  the  environment,  the  more  likely 
your  company  will  be  forced  to  move  to  an  Internet- based  team  technology. 

4)  What  is  the  pace  of  your  company? 

Team  technology  takes  some  extra  effort.  In  many  cases,  an  employee  who 
doesn't  use  existing  technology  effectively  doesn't  have  the  time  to  learn  the 
features  and  tools  of  a  new  technology.  A  company  that  is  fast-paced  might  do 
better  to  implement  a  simpler  technology  (intuitive  and  aesthetically  pleasing) 
instead  of  the  full-featured  boat.  For  example,  look  at  instant-messaging  appli¬ 
cations  —  voice  and  video  might  be  used  once  or  twice,  but  these  features  are 
too  much  trouble  for  most  employees  to  use  consistently.  Too  many  features 
actually  might  discourage  use. 

5)  What  are  your  current  work  processes? 

If  adding  team  technology  doesn’t  positively  affect  your  work  processes,  it  won't 
create  the  anticipated  return.  In  many  cases,  the  team  technology  might  not  inte¬ 
grate  with  your  systems  and  might  create  extra  steps  in  the  work  process. 
Understanding  the  processes  and  simulating  the  changes  required  are  essential. 

Conclusion:  Team  technology  can  be  deceptively  complicated.  Evaluating  the 
way  your  company  works  and  finding  the  best  fit  for  the  company's  personality 
are  the  keys  to  success  in  this  space.  True  collaboration  can  be  beneficial  only 
when  it  is  considered  the  same  way  as  other  management  decisions  —  with 
ROI  being  more  than  just  installing  an  application. 

—  Brett  Trusko 

Trusko  is  a  management  consultant  and  futurist  who  speaks,  writes  and  con¬ 
sults  on  work  in  transition,  including  optimizing  how  and  where  employees  are 
most  productive.  He  can  be  reached  at  btrusko@future-org.com. 


tional  software. 

All  three  systems  could  show  presence 
—  where  a  team  member  was  located 
within  the  space  —  but  we  thought 
Groove  did  the  best  job  of  tracking  the 
presence  states  of  team  members.  For 
example,  it  was  clear  when  someone  was 
online  in  a  Groove  location  but  not  in  the 
same  room.  We  would  have  liked  a  clear 
log-out  button  on  eRoom.Once  the  client 
plug-in  is  sitting  in  the  system  tray,  a  mem¬ 
ber  might  appear  to  be  in  a  space  if  he  is 
focused  elsewhere  on  his  computer. 

Voting  and  polling  are  important  fea¬ 
tures.  Grooves  client  doesn’t  support  vot- 

fing/polling  within  the  application  out  of 
the  box.  However,  you  can  create  this 
through  Grooves  custom-built  tools  or  a 
third-party  voting  tool,  Flexivote,  devel¬ 
oped  by  CompuTact  Software  Services 

E  (www.apwiz.com).  Flexivote  is  fairly  lim¬ 
ited  and  does  not  integrate  with  other 
tools. 

By  contrast,  Documentum  took  voting/ 

Spoiling  to  the  extreme  —  any  event,  item 
or  file  could  have  a  question  and  poll 
associated  with  it.  ICohere  also  has  strong 
voting/polling  features,  but  they  were  not 
as  well-integrated  within  the  context  of  a 

[discussion  or  activity,  and  were  more  diffi¬ 
cult  to  configure  than  Documentums  vot- 

!ing/polling  tool. 

Scheduled  and  ad  hoc  meetings 

Real-time  messaging  (such  as  chat  or 
instant  messaging)  in  all  three  systems  let 
team  members  communicate  via  text  dur¬ 
ing  group  meetings  or  smaller  gatherings, 
whether  scheduled  or  ad  hoc.The  iCohere 
“native”  system  for  ad  hoc  meetings  uses 
pop-up  windows  that  can  get  hidden 
behind  other  open  windows,  and  politely 
close  when  no  longer  needed.  Meeting 
invitations  in  iCohere  can  be  sent  through 
third-party  messaging  (e-mail)  or  the  inter¬ 
nal  workspace-messaging  tool.  ICohere 
also  can  link  to  an  enterprise  meeting 
server  or  hosted  service,  which  takes 
advantage  of  other  enterprise  resources. 

Groove  includes  text-messaging  support 
and  has  a  strong  meeting-agenda  feature, 
user  management  tools,  and  the  ability  to 
co-edit  files  or  browse  URLs  simultane¬ 
ously  with  your  team.  Groove  also  adds 
some  voice  functionality.  With  the  press  of 
a  button, your  team  can  chat  together  as  if 
they  were  on  a  speakerphone,  although 
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sound  quality  isn’t  quite  as  good,  and 
latency  is  more  noticeable  than  on  a  reg¬ 
ular  audio  conference  call. 

The  Documentum  eRoom  Real  Time 
Server  was  the  most  tightly  integrated 
offering  and  resembled  a  full-featured 
Web  conferencing  platform  —  including 
features  such  as  moderator  control,  syn¬ 
chronized  Web  surfing  and  color-coded 
team  member  markup  tools.  From  nearly 
anywhere  in  the  space,  a  right-click  on  an 
asset,  task  or  member  name  pulls  up  an 
eRoom  operation  menu,  including  op¬ 
tions  such  as  “add  to  meeting”  or“invite  to 
a  meeting.” The  degree  to  which  this  inte¬ 
gration  is  important  to  a  team  varies  with 
the  project  or  process,  but  it  certainly 
helps  keep  everyone  focused  in  the  same 
space  and  avoids  breaking  up  the  flow  of 
work  by  changing  tools  for  different  tasks. 

Messaging  and  announcements 

When  team  members  are  not  around  at 
the  same  time,  they  can  use  tools  such  as 
message  boards  (also  called  Discussions) 
and  Announcements  as  a  way  to  commu¬ 
nicate.  Threaded  discussion  systems  were 
well-developed  in  the  three  systems  tested. 
We  especially  liked,  with  Groove  and  e- 
Room,  how  the  system  could  hide  previ¬ 
ously  read  messages  and  emphasize  the 
unread  contributions. 

The  Announcements  area  is  a  way  to 
show  that  a  message  is  more  important 
than  on  a  regular  message  board  —  all  the 
tools  tested  also  had  this  functionality. 

Creating  a  message  or  announcement 
was  easy  in  all  three  systems,  but  selecting 
the  recipients  of  a  message  was  somewhat 
clumsy  in  the  iCohere  and  Documentum 
systems.They  required  the  sender  to  select 
names  from  a  separate  screen  or  pop-up 
window  (if  the  message  was  intended  for 
someone  other  than  the  entire  group), 
rather  than  using  the  user’s  primary  mes¬ 
saging  contacts  database  (for  example, 
Outlook). 

All  three  systems  included  “welcome” 
screens  that  let  members  post  special 
announcements,  but  we  didn’t  find  the  wel¬ 
come  pages  in  iCohere  or  Groove  very  use¬ 
ful  after  the  first  visit  to  a  space,  unless  the 
administrator  wants  to  use  this  page  to  dis¬ 
play  system  announcements.  The  adminis¬ 
trator  can  turn  off  the  welcome  page  in 
iCohere, and  individual  team  members  can 
delete  the  “welcome”  tool  within  their 
Groove  workspace.  A  “home  page”  in 
Documentum  eRoom  gives  access  to  all 
the  features,  and  we  preferred  this  user 
interface  and  its  exceptional  flexibility. 

Conclusion 

Selecting  a  collaborative  workspace  sys¬ 
tem  depends  a  lot  on  your  company,  its 
workflow  processes  and  team  member  sit¬ 
uations  (see  sidebar,  Before  you  deploy, 
above).  At  a  basic  level,  we  feel  a  system 
should  include  activity  and  asset  manage¬ 
ment,  and  tracking  tools,  both  real-time 
and  non-real-time  messaging,  and  team 
member  management  tools.  While  all 
three  systems  are  good,  we  feel  that 
Documentums  eRoom  comes  out  on  top. 


It  is  easy  to  install  and  configure,  has  a 
very  intuitive  and  easy-to-use  interface, 
and  can  be  adapted  to  meet  the  needs  of 
virtually  any  collaborative  effort. 
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I’ve  spent  the  past  several  months  work¬ 
ing  with  wireless  LAN  switches  for  an 
upcoming  review.  It  might  be  a  new 
area  with  players  and  technology  still  in 
flux,  but  even  so  our  preliminary  testing 


has  uncovered  several  key  issues.  If  you’re 
considering  a  wireless  switch  rollout,  here 
are  a  few  pointers: 

“Wireless  switch”  is  an  oxymoron.  Don’t 
expect  these  products  to  move  traffic  from 
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Wireless  LAN  switches:  First  impressions 


one  frequency  to  another.  Most  products 
consist  of  multiple  wireless  access  points 
attached  to  a  wired  switch,  where  the 
actual  switching  occurs. 

Where  these  devices  differ  from  wired 
switches  is  in  their  additional  smarts  to 
deal  with  radio  frequency  issues  and  other 
aspects  of  WLAN  traffic  management. 

Interference  happens.  Using  a  spectrum 
analyzer  can  be  a  sobering  experience.  Set 
the  dial  to  the  right  frequency,  fire  up  a 
computer  and  voila  —  suddenly  you  see 
how  much  electromagnetic  energy  we’re 
constantly  bombarded  with. 

Access  points  from  neighboring  offices 
constitute  another  interference  source,  as 
do  multiple  access  points  too  close  to  the 
same  switch.  All  these  factors  make  a  huge 
difference  in  performance. 

Wireless  switch  management  tools 
should  recognize  radio  frequency  changes 
and  adjust  signal  strengths  to  compensate. 

Prepare  to  sniff  in  the  dark.  So  far,  only 
one  of  the  switches  we’ve  seen  has  port 
mirroring, a  feature  that  allows  frames  to  be 
copied  for  capture  and  decode  by  a  proto¬ 
col  analyzer.  If  you  want  to  capture  traffic, 
you’ll  need  an  external  splitter  or  a  next- 
hop  device  that  does  port  mirroring. 

Grabbing  the  traffic  might  not  be  much 
help,  however.  There’s  no  standard  yet  for 
communications  between  access  points  or 
between  WLAN  switches.  As  a  result,  some 
vendors  use  proprietary  formats  to  encode 
interswitch  traffic  —  and  commercial  ana¬ 
lyzers  don’t  decode  those  formats. 

Don’t  expect  precise  latency  and  jitter 
measurements.  The  tools  don’t  yet  exist  to 
obtain  reliable  measurements  of  latency 
and  jitter  on  WLANs.  That’s  a  big  problem 
when  it  comes  to  voice  over  IP  —  one  of 
the  applications  most  often  considered  for 
wireless  switches. 

The  issue  exists  because  packets  leave 
most  wireless  devices  at  a  variable  rate.  In 
the  wired  world,  traffic  generators  use  cus¬ 
tom  hardware  to  ensure  precise  control 
over  packet  departure  intervals. 

That  kind  of  precision  isn’t  possible  with 
current  WLAN  designs.  All  the  access 
points  we’ve  seen  consist  of  a  CPU  and 
software. 

As  with  any  CPU-based  design,  the 
amount  of  work  an  access  point  can  do 
depends  on  how  busy  its  CPU  is,  and  how 
much  of  its  memory  is  in  use. Thus,  even  if 
packets  enter  an  access  point  at  a  constant 
rate, they  might  depart  at  variable  intervals. 

This  problem  will  remain  until  a  device  is 
built  that  ensures  consistent  departure 
times  from  the  wireless  transmitter. 

Despite  these  issues,  I’m  optimistic  about 
wireless  switching.  Extending  the  enter¬ 
prise  and  pulling  less  cable  are  powerful 
concepts.  All  we’ve  got  to  do  is  find  and  fix 
the  issues  with  this  early-stage  technology. 
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VoIP  unwired 

Voice  and  wireless  Ethernet  might  seem  an  odd  mix,  but  for  mobile 
workers  or  hard-to-wire  areas,  it  can  be  the  perfect  combo. 


■  BY  PHIL  HOCHMUTH 

Converged  voice/data  network  projects 
can  be  tough,  especially  if  you  can’t  use 
any  wires.Thats  what  Mike  Burns,  a  sys¬ 
tems  integrator,  discovered  when  a  client 
asked  him  to  provide  voice  and  data  ser¬ 
vices  to  a  gold-mining  operation  in  the 
middle  of  a  Laotian  jungle.  Burns  faced  a 
sticky  situation  —  literally 

“The  ground  was  mostly  mud, so  we  couldn’t  bury  any 
cables,  and  there  were  no  poles  where  we  could  hang 
wire,”  says  Burns,  who  is  president  of  Nationwide 
Computer  Systems,  an  ISP  and  integration  firm  in  Fort 
Lauderdale,  Fla. The  solution  would  obviously  be  a  wire¬ 
less  one:  Burns  used  802.1  lb  gear  to  connect  50  IP 
phones,  PCs,  a  router  and  satellite  dish  for  the  mining 
camp. The  camp,  which  stretches  over  a  two-mile  area, 
consists  of  20  structures  for  operations,  living  quarters 
and  offices. 

Wireless  Ethernet  certainly  isn’t  the  first  infrastructure 
that  experts  recommend  for  carrying  voice  over  IP 
(VoIP),  but  Burns  and  other  users  are  finding  802. 1 1 

Wi-Fi  VoIP:  Behind  the  curtain  at  one 


works  fine  for  their  IP  telephony  requirements.The  com¬ 
bination  of  the  technologies  is  proving  useful  for  keep¬ 
ing  mobile  employees,  such  as  hospital  workers,  in 
touch  or  for  linking  IP  phones  in  areas  where  Category 
5  cabling  is  hard  to  run. 

Voice  quality  can  be  a  major  issue  because  Wi-Fi 
LANs  are  slow  at  1 1M  bit/sec,  and  in  most  cases,  a 
shared  medium,  likened  to  lOBase-T  hubs.The  IEEE  is 
creating  standards  to  increase  security  and  quality  of 
service  (QoS)  on  Wi-Fi  —  such  as  802.1  li  and  802.1  le 
—  but  widespread  adoption  of  those  technologies  is 
still  at  least  a  year  away. 

While  some  users  say  IP  voice  quality  is  fine  over  Wi¬ 
Fi,  others  have  adopted  proprietary  QoS  features  sup¬ 
plied  by  Wi-Fi  and  wireless  IP  phone  makers  to  make 
sure  of  that.  At  the  mining  camp,  where  voice  and  data 
contend  for  Wi-Fi  connections,  Burns  relies  on  router- 
based  QoS. 

Burns  built  a  wireless  VoIP  network  using  an  AltiGen 
Communications  AltiServ  IP  PBX,  Polycom  IP  phones, 
Lucent  Wi-Fi  access  points  —  lashed  to  trees,  Cisco 
hubs  and  a  router,  which  connects  to  satellite  equip¬ 
ment  for  outside  communications.  Hubs  and  Wi-Fi 
routers  in  the  camp  buildings  connect  the  IP  phones 
and  connect  to  PCs  for  e-mail  and  mining  data  analy¬ 
sis.  (More  than  a  dozen  gas  generators  power  the  net¬ 
work  gear.) 

Connecting  the  mining  camp  to  the  outside  world  was 


medical  center 


easy,  Burns  says.  A  satellite  dish  syncs  up  to  a  fiber  con¬ 
nection  in  Germany,  which  ultimately  runs  to 
Nationwide’s  ISP  point  of  presence  in  Florida. The  hard 
part,  he  says,  was  connecting  telephones  down  on  the 
jungle  floor  for  calls  between  buildings  —  or  huts,  as 
Burns  calls  them. 

“There  was  no  way  we  could  have  deployed  a  tradi¬ 
tional  PBX  in  this  environment,”  he  says. 

“It  was  pretty  out  there,”  Burns  says  of  the  network, 
which  is  still  operating.Tve  thought  about  that  project  a 
lot,  and  there  was  no  other  way  we  could  have  done  it.” 

Wi-Fi  and  VoIP,  stat 

At  Mercy  Medical  Center  in  Roseburg,Ore.,IT  Director 
Nancy  Laney  could  have  given  nurses  regular  phones 
or  new  pagers,  but  opted  for  wireless  VoIP  devices 
instead. The  hospital  uses  wireless  VoIP  communica¬ 
tions  badge  appliances  from  Vocera  Communications. 

Nurses  wear  the  gadgets,  about  the  size  of  TV  remotes, 
around  their  necks  with  lanyards  or  pinned  to  their  shirts. 
To  reach  someone,  a  nurse  presses  a  button  on  the  badge 
and  scrolls  through  names  in  the  system,  then  presses 
another  button  to  talk.The  voice  signal  travels  to  the 
recipient  over  the  hospital’s  Wi-Fi  infrastructure. 

Mercy  Medical  installed  10  Cisco  Wi-Fi  endpoints 
throughout  the  facility  to  support  the  Vocera  infrastruc¬ 
ture,  which  replaces  an  outdated  pager  system,  Laney 
says.  Wireless  VoIP  lets  nurses  contact  each  other  faster 
and  more  efficiently  than  previous  pager  systems  or 
with  telephones,  she  adds. 

“We  were  going  to  install  a  wireless  infrastructure 
anyway,  so  we  just  accelerated  that  project"  when 
deciding  to  use  the  Vocera  devices,  Laney  says.“After  a 
30-day  trial,  our  nursing  staff  was  hooked.  We’ve  had 
technology  rollouts  that  met  some  resistance,  but  this 
is  not  one  of  them.” 

A  Windows  server  running  Vocera’s  management  soft¬ 
ware  and  user  database  controls  the  Wi-Fi  VoIP  network 
on  the  back  end. The  software  lets  administrators  add 
and  remove  users  from  the  system  and  customize  indi¬ 
vidual  calling  features.They  can  track  users  on  the  sys¬ 
tem  using  an  open  source  MySQL  database. The  hospi¬ 
tal  uses  interactive  voice  response  (IVR)  software  from 
Nuance,  processing  voice-activated  commands. 

During  emergency  situations  when  nurses  don’t  have 
time  to  scroll  through  names,  they  can  use  the  IVR  fea¬ 
ture  by  voice  prompt.  Speaking  a  person’s  name,  the 
name  of  a  group  or  for  all  nurses  on  a  certain  team 
will  initiate  the  call. 

Users  also  can  find  where  someone  is  through  the 
Vocera  system. They  say“find”and  the  name  of  the  p<  ’ 
son,  and  the  IVR  software  responds  with  the  location 
of  the  requested  user. To  make  this  possible,  Lane-  n 
assigned  all  the  Wi-Fi  access  points  in  the  hosp  l  .  a 
name  based  on  their  location,  such  as  “Emergency" 
“OR”  or  “Cafeteria”  and  entered  them  into  the  W  e- 1 
database. The  hospital  even  is  attaching  Vocera  a> ,  ■ 
to  frequently  used  pieces  of  equipment,  such  «s  FXG 
machines  or  defibrillators  so  nurses  can  find  du 


University  of  Southern  California  University  Hospital  uses  QoS  technology  on  a  Wi-Fi  gateway 
and  at  the  LAN  switch  to  ensure  wireless  IP  voice  calls  get  priority  as  they  cross  the  LAN. 


O  Wireless  IP 
phones  and  other 
devices  get  LAN 
connectivity  via 
802.11b,  or  Wi-Fi, 
access  points. 


©  The  proprietary  NetLink  SVP  Server 
coordinates  forwarding  priorities 
among  the  wireless  access  points, 
IP  PBX  and  LAN  switches.  Voice 
traffic  receives  priority  over  data  on 
the  wired  and  wireless  LAN. 


o  IP  voice  traffic  converts 
to  regular  voice  as  it 
moves  from  the  IP  PBX 
to  an  ISDN  line  providing 
connectivity  between  the 
IP  and  regular  PBX. 
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devices  quickly;  Laney  says. 

Mercy  Medical  has  plans  to  give  nurses 
wireless  tablet  PCs,  so  the  Wi-Fi  infra¬ 
structure  will  soon  be  carrying  data,  too, 
Laney  says.  Because  the  Cisco  access 
points  can  support  the  prioritization  of 
voice  traffic,  Laney  says  she  does  not 
anticipate  bandwidth-contention  issues. 


The  Vocera  system  is  slightly  more 
expensive  than  the  pager  system  it 
replaced,  but  Laney  says  she  expects  the 
hospital  to  save  money  ultimately 
because  it  is  giving  wireless  VoIP  access 
to  other  groups, such  as  doctors,  mainte¬ 
nance  workers  and  cleaning  staff. These 
employees  had  used  pager  systems  or 


walkie-talkies. 

Similarly  at  University  of  Southern 
California  University  Hospital  (USCUH) 
in  Los  Angeles,  nurses  and  doctors  now 
stay  in  touch  via  802.1  lb-based  NetLink 
IP  phones  from  SpectraLink.A  total  of 
273  wireless  IP  handsets  are  in  use  at  the 
hospital.  Wireless  IP  phones  are  now  a 


single  source  of  communication  for  all 
staff,  and  replace  a  mix  of  communica¬ 
tion  methods  used  in  the  past  such  as 
nurse  call  buttons,  a  public  address  pag¬ 
ing  system  and  cordless  telephones  — 
which  were  inefficient, says  Anthony 
Kellogg,  project  manager  for  USCUH. 

The  wireless  VoIP  decision  came  after 
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1  making  your  enterprise  fully  metered,  fully  accountable,  and  fully 
effective.  Managing  data  and  serving  information  in  ways  that  make 
your  company  more  competitive.  And  you  more  central  to  its  success. 

That's  why  you  are  invited  to  The  New  Data  Center:  Powering  the 
Enterprise.  A  special  Network  World  Technology  Tour  event  for 
professionals  who  want  a  practical  mission  to  go  with  their  strategic 
vision.  It's  FREE  to  qualified  professionals.. .but  you  must  register  in 
advance  for  one  of  the  limited  number  of  seats  available. 

This  event  is  limited  to  Network  and  IT  professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  data  center  products  and  services. 

REGISTER  NOW!  ONLINE  AT 

Online  at  www.nwfusion.com/events/datacenter2 
or  call  1-800-643-4668 


MODERATOR 

Andrew  M.  Schroepfer 

Founder  of  Tier  I  Research 


Timely  topics  &  takeaways 


□  new  practices  in  managing  and 
modifying  the  data  center 

□  new  paths  to  consolidating  server  and 
storage  resources 

□  new  ways  to  maximize  resources 
through  virtualization  and  automation 

□  new  techniques  for  managing  mixed 
operating  system  environments 

□  new  strategies  for  implementing  SLM 
and  monitoring  SLAs 

□  new  applications  that  take  advantage 
of  data  center  infrastructure 


Mission  critical  for: 


*  Network  Managers 

*  System  Architects 

*  IT  Executives 
►  CxOs 


*  PRESENTING  SPONSOF 


GOLD  EXHIBITING  SPONSORS: 
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To  join  s;  o-isors  of  this  premier  Network  World  Event,  please  contact  Andrea  D' Amato  at  508-490-6520  or  adamato@nww.com  for  free,  no-obligation  information 


Anticipating  Wi-Fi  VoIP 

In  a  survey  of  15  IP  PBX  vendors,  making 
22  IP-based  telephony  systems, 
Miercom  found  that  most  respond¬ 
ents’  devices  can  handle  calls  from 
802.11-compliant  wireless  phones. 


Wireless  access  technology  Percentage  of  products 


Wireless-analog  base  station 


two  separate  infrastructure  projects 
USCUH  undertook  last  year.  In  the  first, 
the  hospital  built  a  Wi-Fi  network  using 
Enterasys  Networks  gear  to  support 
mobile  devices,  such  as  laptops. 

Galling  GallManager 

In  the  second  project,  the  hospital 
installed  a  Cisco  CallManager  IP  PBX  to 
connect  some  remote  facilities  to  a 
Nortel  Meridian  PBX  over  IP  USCUH 
brought  those  projects  together  when  it 
chose  to  give  the  medical  staff  Wi-Fi 
phones.To  ensure  voice  quality,  the  hos¬ 
pital  relies  on  SpectraLink’s  NetLink  SVP 
Server,  which  provides  a  proprietary  QoS 
feature  for  giving  voice  calls  priority  over 
data.  When  the  voice  packets  hit  the 
wired  network,  they  are  placed  into  the 
first  of  eight  priority  queues  on  the 
Enterasys  LAN  switches. 

CallManager  —  a  redundant  Windows 
server  running  Ciscos  IP  PBX  software  — 
routes  all  calls  inside  the  USCUH.  (The 
majority  of  the  SpectraLink  traffic  is 
internal.)  CallManager  also  provides  call- 
control  features, such  as  call  forwarding, 
hold  and  dual-line  support.  While  most 
VoIP  calls  are  internal, SpectraLink 
phone  users  can  place  external  calls, 
too. The  VoIP  traffic  converts  to  regular 
voice  as  it  moves  from  the  CallManager 
to  an  ISDN  line,  connecting  that  IP  PBX 
to  the  Nortel  Meridian  PBX. 

While  adoption  of  wireless  LANs  isn’t 
expected  to  outpace  wired  networks 
anytime  soon,  and  land  lines  for  voice 
are  still  king  in  most  organizations,  users 
willing  to  push  the  IT  envelope  are  find¬ 
ing  that  Wi-Fi  VoIP  is  more  than  just  the 
combination  of  two  industry-chic 
acronyms.* 


■■■■■■■■■ 


Reading  someone  else’s 
copy  of  Network  World? 

Apply  for  your  own 
Free  subscription  today. 


'SFRASTRUdTURE'' 


NetworkWorld 


Costs,  security 
MfSSf  vex  VoIP  users 
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Spammers  hiding 
behind  students 


I 


Free  subscription 

(51  Issues) 


To  apply  online  go  to 

subscribenw.com/b03 


subscribenw.com/  b03 

* 

Apply  for  your 

free 

subscription  today! 

(A  $255  value  -  yours  free) 


www.nwfusion.com 
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Management 


■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Call  in  the  security  auditors 

Independent  SAS  70  audits  could  show  you  how  secure  data  is  with  your  service  provider. 


■  BY  LINDA  LEUNG 

Members  of  the  Web  site  Points.com  can 
exchange  their  miles  or  points  in  select  loy¬ 
alty  programs,  such  as  American  Airlines 
AAdvantage,  for  miles,  and  points  in  other 
participating  programs,  use  them  to  shop  on 
eBay,  or  trade  them  for  gift  certificates  at 
JCPenney  and  FTD.com. 

“We  model  ourselves  like  a  bank,  and  we  need  to  be  as 
secure  as  a  bank,”  says  Darlene  Higbee  Clarkin,  CTO  and 
vice  president  of  IT  at  Points  International,  operator  of  the 
site.  That  provision  extends  to  Digex,  which  hosts  Points 
International’s  entire  IT  infrastructure. 


structure  that  would  protect  us  from  potential  compro- 
mise.”The  audit  also  gives  Points  International’s  partners 
peace  of  mind. 

A  SAS  70  audit  is  particularly  useful  for  companies  that 
outsource  certain  parts  of  their  operations  and  need  to 
undergo  annual  financial  audits.  They  can  show  their 
auditor  the  SAS  70  report  of  their  service  suppliers  so  the 
auditor  doesn’t  need  to  conduct  its  own  audit  of  the 
provider’s  facility 

Generally,  the  controls  or  processes  that  are  audited  are 
those  that  protect  customer  data,  and  that  usually  includes 
the  IT  functions.  Because  of  this,  SAS  70  is  generating  a 
resurgence  of  interest  from  businesses  that  are  required  to 
meet  new  regulations  designed  to  protect  sensitive  data. 

Pamela  Fusco,  chief  security  officer  and  director  of  sys¬ 
tems  security  at  Digex,  says  customers  request  Digex’s 
SAS  70  report  to  help  them  meet  the  requirements  of 
such  regulations  as  the  Health  Insurance  Portability  and 
Accountability  Act,  the  Sarbanes-Oxley  financial  report¬ 


Independent  security  audits 


Auditing  standard 

Purpose 

Coverage 

Caveats 

SAS  70 

Lets  service  providers  describe  their 
control  activities  and  processes  in  a 
uniform  reporting  format. 

The  controls  audited 
are  those  affecting 
customers’  financial 

statements. 

Lacks  a  predetermined  set  of 
control  objectives  a  service 
provider  must  meet.  Covers 
general  controls  and  is  not 
specific  to  IT  or  security. 

SysTrust  and 
WebTrust  (for 

e-commerce 

activities) 

Provides  assurances  that  a  service 
provider's  systems  controls  meet  one 
or  more  of  the  AICPA  Trust  Services 
principles  and  related  criteria. 

Internal  controls  for 
security,  online  privacy, 
availability,  confidentiality 
and  processing  integrity. 

Not  a  comprehensive  security 
assessment;  is  focused  on 
systems  reliability. 

IS0  17799 

Contains  guidelines  for  security  and 
business  continuity.  Lets  a  service 
organization  identify  where  it  falls 
short  of  best  practices. 

Identifies  itself  as  a 
starting  point  for 
developing  organizational 
security. 

Not  a  set  of  required  practices 
ortechnologies.The 
compliance  portion  of  the 
standard  is  not  well  accepted. 

The  company  is  assured  of  Digex's  approach  to  security 
because  the  hosting  firm  invites  Ernst  &  Young  to  audit 
annually  the  IT  and  business  processes  and  procedures 
that  affect  its  customers’  business.  The  auditor  details  its 
findings  in  a  document  called  a  Statement  of  Auditing 
Standards  (SAS)  No.  70  report. 

Developed  by  the  American  Institute  of  Certified  Public 
Accountants  (AICPA)  and  launched  in  1992,  the  interna¬ 
tionally  recognized  SAS  70  provide  an  independent  verifi¬ 
cation  of  the  descriptions  of  a  service  provider’s  control 
activities  and  processes. 

“Being  SAS  70  audited  was  the  determining  factor  for 
us,”  Higbee  Clarkin  says  of  the  decision  to  use  Digex.“We 
feel  confident  that  Digex  has  the  processes  and  infra¬ 


ing  act  and  the  Gramm-Leach-Bliley  privacy  act. 

A  vendor’s  ability  to  submit  a  SAS  70  report  is  a  “make  or 
break"  for  the  Federal  Reserve  Bank  of  New  York  when  it 
comes  to  signing  on  the  dotted  line.  “We  use  a  SAS  70 
report  as  a  starting  point  for  assessing  assurances  and  con¬ 
trols  at  external  service  suppliers,”  says  Sean  Mahon,  vice 
president  and  information  security  officer  for  the  bank’s 
National  Incident  Response  Team. 

The  bank  recently  decided  not  to  use  the  services  of  a 
salary-benchmarking  consultancy  because  it  lacked  a  SAS 
70  report.  Mahon  wanted  independent  evidence  of  the 
consultancy’s  security  processes  to  protect  sensitive 
employee  data. 

However, some  observers  warn  against  using  SAS  70  as  an 


in-depth  audit  of  a  provider’s  IT  security  controls.“SAS  70  is 
a  way  for  organizations  to  describe  processes  in  a  consis¬ 
tent  way  It’s  a  disclosure  tool  rather  than  [a  tool  that  says] 
whether  they’re  secure.  So  it  has  a  limited  objective  and 
value,”  says  Jonathan  Gossels,  president  of  network  security 
consultancy  SystemExperts. 

The  important  element  to  consider,  Gossels  says  in  his 
white  paper  “SAS  70:  The  Emperor  Has  No  Clothes,”  is  that 
SAS  70  doesn’t  have  a  predetermined  set  of  standards  or 
checklists  that  an  organization  must  satisfy  In  essence,  the 
service  organization  sets  its  own  control  objectives,  and  the 
auditor  reports  on  whether  these  are  met. 

“If  an  organization  does  not  have  a  security  policy  cover¬ 
ing  a  particular  area,  or  has  one  that  allows  ineffective 
security  ...  the  SAS  70  audit  report  would  contain  a  favor¬ 
able  opinion  because  the  control  activities  matched  the 
stated  control  objectives,”  Gossels  writes. 

Although  Chuck  Landes,  director  of  auditing  standards  at 
the  AICPA,  agrees  that  service  providers  can  set  the  mea¬ 
surement  bar, “that  is  not  important.The  decision-making  is 
made  by  the  auditor  of  the  [service  provider’s]  customer 
—  if  they  are  not  satisfied  they  can  ask  for  more  work  to  be 
done,”  he  says. 

The  Federal  Reserve  Bank  of  New  York’s  Mahon  says  it’s 
up  to  the  customer  to  review  the  report  to  determine 
whether  the  service  provider  has  sufficient  processes  in 
place.  “We  use  SAS  70  because  there  is  no  commonly 
accepted  security  metric,”  he  says.“It  is  as  close  as  it  gets  to 
having  a  common  baseline.” 

“You  use  your  best  judgment  when  you  read  the  SAS-70 
report,  but  we  also  do  our  own  independent  security  aud¬ 
iting,”  Points  International’s  Higbee  Clarkin  says. 

A  handful  of  other  security  assessments  coming  into  play 
could  address  some  of  these  concerns.  AICPA  developed 
SysTrust  and  WebTrust  to  provide  independent  verification 
of  a  service  supplier’s  systems  or  e-commerce  operation. 
Auditors  test  the  reliability  of  systems  by  measuring  against 
set  criteria  for  four  principles:  availability  security,  integrity 
and  maintainability  If  the  systems  meet  the  requirements 
of  the  SysTrust  Principles  and  Criteria  document,  an  attes¬ 
tation  report  is  issued. 

Digex  also  has  been  audited  for  SysTrust  and  WebTrust, 
and  Fusco  says  the  audits  are  more  technically  involved 
than  for  SAS  70.“There  are  set  criteria  you  must  meet,  and 
there  is  testing  of  control  objectives,  user  accounts,  docu¬ 
mentation  control  and  data  transfer 

The  ISO  1 7799  is  a  code  of  practice  that  offers  guidelines 
and  voluntary  directions  for  information  security  manage 
ment.lt  provides  guidance  on  a  range  of  topics,  including 
security  policies,  personnel  security;  access  control  .  ; 
communications  and  operations  management, but  ty:  al¬ 
ly  does  not  go  in  depth.  According  to  an  FAQ  develop.  ■; 
the  U.S.  National  Institute  of  Standards  and  Technoiogv.-: 
Information  Technology  Laboratory, “ISO  17799  should  :  ■ 
augmented  by  more  technical  guidance  in  order  to  ■  < 
used  effectively  for  a  security  review”  ■ 


EASIER  TO  USE 

•  Auto-configuration  simplifies  set-up.  The  system  automatically 
addresses  the  ports,  appliances  and  computers  for  you 

•  Intelligent  AMIQ  interface  modules  remember  your  configuration, 
so  it’s  easy  to  install,  maintain  or  move  your  servers 

•  Graphical  AMWorks  administration  software  and  mouse-driven 
on  screen  menus  are  simple  to  navigate  and  control 


?nsolidate  control  of  your  server 

om  with  powerful  AMX  switching 

. 
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Matrix 

Switching 


MORE  ADVANCED  FEATURES 


•  Scalable  architecture  grows  with  your  server  room 
•Supports  multi-rack  PS/2,  Sun  and  USB  server  environments 

•  Full  non-blocked  access  to  servers  and  serial  devices 

•  End-to-end  CAT  5  connections 

•  Save  rack  space  -  1 U  switch  supports  up  to  8  users  and  32 
servers;  2U  switch  supports  up  to  16  users  and  64  servers 

•  Multi-level  security  and  password  protection  for  each  user 

•  Multiple  users  can  share  access  to  the  same  server 

•  Share,  private,  scan  mode  available  to  all  users 


§Jg§ 
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Smarter,  Simpler  KVM  Switching 


•  AMIQ  computer  interface  module  retains  the  unique  ID  and  server  name, 
so  reconfiguration  and  expansion  is  as  simple  as  switching  the  cable^ 


•  Exclusive  AutoTuning™  optimizes  video  performance  over  UTP  cable,  at 
any  distance 


•  Build  customized  user  profiles  and  centralize  control  of  connected  servers 
with  AMWorks  -  Java-based  system  software  included  with  each  switch 

•  All  system  components  can  be  flash  upgraded  simultaneously  with  just  a 
few  clicks  of  the  mouse 


Call  for  an  Avocent  Authorized  Reseller  near  you 

1  866-286-2368 


Make  the  smart  switch.  Download  our  Definitive  KVM 
Buyer's  Guide  at  www.avocent.com/advantage 

or  call  1-866-286-2368. 
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The  Power  of  Being  There- 


-  jffls  Selecting  the  right  components  for  your  wKKSjft 

network  is  often  a  challenging  decision.  ^|||||p 

With  our  AlterPath  PM8,  you  can  remotely 
re-boot  your  system  with  just  a  few  mouse  clicks.  wpp 

By  integrating  the  AlterPath  PM8  with  our  mk 

award-winning  AlterPath  ACS,  you  combine 
power  and  console  management.  Now  you  can  WM 

command  all  your  infostructure  with  secure  authentication 
and  bulletproof  encryption  as  demanded  by  todays' 
mission-critical  applications  all  in  one  single  session  -  anytime,  anywhere. 


AlterPath 


ACS 


AlterPath  PM8 


uuo 

Power 


Console  and  power  control  from  one  session, 
no  need  to  memorize  ports  and  addresses 


SSH  v2,  strong  authentication,  encryption  and 
IP  filtering  on  both  power  and  console  access 


Daisy  chain  power  distribution  units  to  control 
any  number  of  devices  from  a  single  serial  port 


- 
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Remote  Current  "oisy 
Control  Monitoring  Chaining 


"Best  Hardware  for 
Linux  since  1995" 


www.cyclades.com/ nw 

1 .888. cyclades 
sales@cyclades.com 


cyclades 


verywhere  wi 


©2003  Cydades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  properly  of  their  respective  owners.  Product  information  subject  to  change  without  notice. 
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WWW.ROSE.COM 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44  (0)  1264  850574 
+617  3427  5353 


UltraLink™ 


■  Connects  to  standalone  computers  or  any  KVM  switch 

■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

■  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

■  Encrypted  communication  produces  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 

■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 


The  UltraLink  digitizes  the  remote  computer’s  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 


Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 


Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 
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ELECTRONICS 


EQUINOX'  “Serial  Ports  Over  IP” 

an  Avocent  Company 


The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port  serial  hub  that  provides 
versatile  RS-232,  RS-422  and  RS-485  support  for  industrial/manufacturing 
and  a  wide  variety  of  commercial  applications. 


!B35 


Web  browser 
management 


•  NEW  web  management  utility  simplifies  configuration  and  administration 

•  Supports  RS-232,  RS-422  and  RS-485  serial  protocols 

•  Ideal  for  industrial/manufacturing  environments  and  other  commercial  applications 


I 


The  Family  of  Equinox  ESP  10/100  Serial  Hubs  provide  “Serial  Ports  Over  IP 


r  T  T  T  1  r  TT  Til 
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Make  your  serial  devices 
IP  ready  with  Equinox  ESP 

Serial  Hubs! 


Place  serial  COM  ports  at  the  point  of  need  and  eliminate  the  cabling  nightmare.  Our  Multi-Interface  serial  hubs 
allow  soft-selection  of  RS-232,  RS-422  and  RS-485  serial  interfaces  on  a  per  port  basis.  Equinox  Serial  Hubs  offload 
virtually  all  serial  traffic  from  the  host  server  so  your  ports  are  finally  freed  from  the  confines  of  your  server  -  ideal  for 
peripheral  sharing.  Includes  1 5KV  surge  protection  on  every  pin  of  every  port. 

Download  your  free  white  paper  Optimizing  Manufacturing  Infrastructure  Using  Ethernet  Serial  Hubs  at 
http://www.equinox.com/wpdownload272.cfm 


For  a  FREE  30-day  product  evaluation,  call  1-800-275-3500  ext.  615  or  954-746-9000  ext  615 


C  2003  Equinox  Systems,  an  Avocent  Company  All  nghts  reserved  All  brand  names  and  product  names  are  trademarks  or  registered  trademarks  of  their  respective  holders 
One  Equinox  Way,  Sunrise  FL  33351  email:  sales@equinax.com  for  international  customers  email:  intlsales@equinox.com 
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|  www.  buyuptime.  com 
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Network  Cables 

Cisco  and  Fiber 
Cabling 

Printer,  Modem  VGA 
Cables  and  Adapters 

Enclosures 

Enclosure  Accessories 

Power  Adapters 
Cooling  Solutions 
Laptop  Accessories 
Backs 

Rack  Accessories 

Power  Distribution 

Devices 

Security  Hardware 
Surge  Protectors 
UPS  Cables  and 


-  \  l  J  ■  L-t  i 


UPS  Management 
Peripherals 

UPS  Management 
Software 

UPS  Replacement 
Batteries 

JUP_Ss 


BuyUptime.com 

Your  One-Stop  Shop  for  high  availability  products 


High  Availability  Made  Easy  - 

Buyllptime.com  is  a  leading  supplier  of  end-to-end  UPS  power,  thermal  cooling,  and  management  solutions. 
Visit  us  today  to  find  the  high  availability  solution  that  is  right  for  you. 

Power  Protection  and  Management  Solutions! 


Power  Protection  for  Servers 
and  Network  Peripherals 

Protects  your  hardware  and  data  by  supplying 
network-grade  battery  back-up  power 

►  Robust  diagnostics  allow  network  administrators  to  solve 

problems  before  they  happen 

Protects  anything  from  single  servers  to  fully  populated  racks 
•  Includes  Power  Management  software  with  purchase! 


Network  Power  Management 

Accessories 

•  Metered  outlet  strips  for  Racks/Enclosures 
provide  alarm  thresholds,  toolless 
mounting  abilities 

•  Portfolio  of  software  and 
enhancement  cards  for 
administration  and 
monitoring  of  APC  devices 

•  Many  power  management  peripherals  to 
supply  your  application  needs 


1 


•Prices  include  standard  shipping 


Order  via  our  promo  page  and  save 

Visit  http://promo.buyuptime.com 

and  enter  Key  Code:  m318y 


Or  Call  Toll  Free: 


888-288-8843  to  order. 

Fax:(877)411-2080  •  e-ma\\:customerservice@buyuptime.com 
801  Corporate  Centre  Drive,  St.  Charles,  MO  63304  •  BY2A3EP-US 
©2003  Systems  Enhancement  Corp.  All  Trademarks  are  the 
property  of  their  owners. 


F|r«w«ll 


Experience  Counts.  Since  1 994  GTA 
has  been  building  solid,  dependable 
firewall  systems.  For  the  past  8  years 
our  line  of  firewall  products  have  met 
the  demands  of  small  to  medium 
sized  businesses  worldwide.  To  learn 
more  about  our  family  of  firewalls  visit 
our  website  or  contact  a  GTA  channel 
partner. 
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Yes,  you  can  Switch 
Power  over  the  Internet... 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just 
to  flip  the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability 
to  perform  this  function  from  anywhere! 


■  Web  Browser  Access  for  Easy  Operation 

■  Telnet  and  Serial  Access 

■  Encrypted  Password  Security 

■  Five  Individual  Outlets 

■  Power-up  Sequencing 

■  On  /Off  /  Reboot  Switching 

■  Zero  U  Mounting 

■  Versatile  Zero  U  Mounting 


WWW. 


awn  -  Network  l) oat  U at 

ffc  E*  favors  loot*  Help  gg| 
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NETWORK  BOOT  BAR 

LOCATION:  NBB  Live  Demo  Unit 

SWITCH  PANEL 

Firmware  Version:  1.01 
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"Keeping  the  Net.. .Working!" 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER 


OBSERVER 

SUITE 


Quickly  Pinpoint,  Pre-solve  & 
Prevent  Network  Problems 


Qbsor/er 

*935 


Expert 
Observer 
' 2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


*  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identified  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  lor  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 


INSTRUMENTS 


©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments"  and  the  “N  with  a  dot"  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 
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SSH  or  Out-Band  Access  to 
Consoles  at  Remote  Locations 


■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 

■  SNMP  Capability 

■  Any-to-Any  Port  Switching 

■  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  1 1 5/230VAC  or  -48VDC  Models 

The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the  Visit  Website  for  Complete  NetRedCh™  product  line. 

SCM-16  serial  outputs. 


(800)  854-7226  •  www.wti.com 

5  Sterling  •  Irvine  •  California  92618-2517 
(949)  586-9950  •  Fax:  (949)  583-9514 


western  telematic  incorporated 


What  If 

Your  Hard  Drive  Crashed 

Right  Now? 


DupliDisk  provides 
real  time  data  mirroring, 
so  if  your  primary  hard  drive 
crashes,  your  computer  will 
continue  to  run  smoothly  with 
no  data  loss. 

•  Requires  no  device  drivers. 

•  Uses  no  system  resources. 

•  Complete  technical 
support  department. 

•  6  different  form  factors. 

•  Hot  Swap  models  available. 


FREE  GIFT 

Mention  This  Ad  or 
Visit  our  Website. 


DupliDisk3 


IDE  RAID  Controllers 


ARCO  www.arcoide.com/nwgift  •  (800)458-1666 


NITS 

ROTECTION 
AFFORD&MUIX. 


I 


NEW 

Office 

Pro*10 


MORE  REASONS  TO  CALL  MOVINCOOL. 
#1  IN  PORTABLE  SPOT  AIR  CONDITIONING 
FOR  OVER  30  YEARS. 


►  Protects  against  excessive  heat 

►  Prevents  costly  system  failures 

►  Increases  productivity  and  manufacturing  quality 

►  Up  to  60,000  Btu/h  of  cool  air 


►  No  costly  installation 

►  Affordable  rent  lease  or  purchase  options 

►  The  only  ETL-verified  portable  air  conditionei 
for  performance 


Call  800-264-9573  or  visit  www.movincool.com  to  ask  about  our  affordable  leasing  option 

MOVINCOOL. 

THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 
©2003  DENSO  Sales  California.  Inc.  MovmCool.  Spot  Cool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporator  , 
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Power  Control 


Thie  Zero  U  Power 
Management  Over  IP 
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Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


>  Sentry  Power  Tower. 

Equipment  Cabinet  Solutions. 


Server  Technology,  Inc. 


1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


SENSAPHONE® 

IMS-4DDO 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 


Power  Ethernet 
Control  Port 
Interface 


Internal  Voice, 
Modem 
6t  Pager  Port 


8  R|-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-373-2700 

901  Tryens  Road 

www.  i  m  s-4000.  co  m 

Aston,  PA  19014 

RMONS  PROBE 

S395 


Complete,  Industry  Standard,  Software-Based  RM0N2  and 
RM0N1  Probe  for  Windows  98/Me/NT/2000/XP 


•  Low  cost,  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  (10/100)  and  Token  Ring  (4/16). 

Full  adherence  to  RFCs  1513,  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT/2000/XP. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer ",  OpenView ",  Concord  ,  NetScout  \  etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack ,u  NDIS 
drivers  display  true  errors-by -station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 

Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 

www.networkinstruments.com 

©  2001  Network  Instruments.  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  <0)  1959  569881  info@networkinstruments.com  www  networkinslruments  com 
Network  Instruments  and  trie  'N“  logo  are  registered  trademarks  of  Network  Instruments.  LLC  Minneapolis.  MN  USA 


Systems/Features/Memory 


CISCO 

EQUIPMENT 

Also  Available:  wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  m  Network  Remarketer 

952*835*5502 

Fax  952*815*1927  E-Mail:sales@comstarinc.com 


Advertise  in  the  Marketplace 
and  watch  your  sales  come 
pouring  in!  ^  S 
Call  Direct  Response  Advertising 
1-800-622-1108 
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We  Buy  &  Sell 

USED 

CISCO 

Juniper 

Extreme 

800.451.3407 

Since  1985 

50-90%  Savings 
Fully  Guaranteed 
Overnight  Delivery 

networkhardware.com 


NEW 


USED 


50%-90%  Discounts 


Cisco  Livingston  Ascend  Lucent 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Racketeer  Computone  Patton 
Extreme  Networks 

Modems  /  DSU  /  Muxes 

IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 


BUY  AND  SELL 

800-699-9722 
www.wrca.net 
AS5x  VOIP /EXS  2000 


"lruiivii 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks.  Lighters.  Games 

www.suitcase.com 


CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


Truckload 

Sale 

55 


Cisco  Smtiis 


NORTEL 

NETWORKS 

caaeTRon 


Bay  Networks  _ 


Fax  Equipment  List  To  801-377-0078 


888-8LANWAN 

Call  for  Free  Quote!  (888-852-6926)  www.nie.com 


Learnkey,  Inc. 

(800)  865-0165 
I  www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


Contact  these  companies  today  to  help  you  with  your  training  needs! 


I  Transcender 

(615)  726-8779 
I  www.transcender.com 
Award-winning  practice  exams 
1  for  IT  certification 

CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
|  www.cbtnuggets.com 
Inexpensive  training  videos  on  CD. 

MCSE,  MCDBA,  MCSD,  Cisco  CCNA,  Linux,  A+,  Net+ 


MeasureUp 

(678)  356-5000 

www.measureup.com 
Certification  Practice  Tests 

IPexpert,  Inc. 

(866)  225-8064 
I  www.ipexpert.net 
CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  and  IP  TELEPHONY 

So  Sfhii-i  Jo'M  Lisliiij  JJ  Hi 
itilv.i  'ju'dah  n! 


^  NetworkWorid  NetSmart  Learning  Partner 


Cu! 

OptimumDatalnc. 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fax: +1  402  575  2011 


www.optimumdata.com 


ADTRAN 


SERVER  ROOM 

Temperature 

Sensors 

i.i  n  u a  mm  *129" 


Multiple  Models  Inc lu d l  ng: 

THL-100 

jpv  (Battery  powered) 

|  THL-100  AC/DC 

m  (Continuous  monitoring) 

*  THL-100  AC/DC  Plus 

(Email  alarms) 


-  THl 


looJS 


►  Records  Temperature,  Humidity  &  Light 

►  Time  Stamped  Data  for  Detailed  Analysis 

►  Windows-based  SmartSensor  Software 

•  Data  or  graphical  view 

•  Easily  exports  to  common  spreadsheet 
software 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


►  Largest  warehouse  a?  used 

►  Highest  quality  and  low  US',  r. 

►  Over  5000  satisfied  cys ter: 


Call  or  email  for  a  7  >  • " 


it  careers 


it  careers.com 


Get  Ahead  In  Your  Career! 


BDPA,  The  Premier  Organization  For  African  Americans 
In  Information  Technology,  Invites  You  To  Attend  The... 


BDPA  National  Conference 


CAREER  EKPO 

August  15  -  16,  2003  •  Philadelphia  Marriott 

Friday,  August  15:  10:00am  -  6:00pm  •  Saturday,  August  16:  10:00am  -  4:00pm 
FREE  ADMISSION  TO  THE  CAREER  EXPO! 

Employers  Include:  Abbott  Laboratories  •  Accenture  •  Advanced  Reasoning  Systems  •  Anthem  Blue 
Cross  Blue  Shield  •  AstraZeneca  •  Cardinal  Health  •  Computer  Associates  •  Compuware  Corporation  • 
Dell  Computer  •  Deloitte  Consulting  •  FleetBoston  Financial  •  GlaxoSmithKline  •  Greenwich  Technology 
Partners  •  Hewitt  Associates  •  Household  International  •  Iowa  Human  Resource  Recruitment 
Consortium  •  Mayo  Clinic  •  McDonalds  Corporation  •  Merck  &  Company  •  Performigence 
Corporation  •  Sears  Roebuck  &  Co  •  Siebel  Systems  •  Siemens  Business  Services  •  Thomson 
West  •  Toyota  Motors  •  Unisys  •  The  Vanguard  Group  •  Verizon  Wireless  •  Wachovia 

For  the  latest  information,  please  visit  us  at  www.shomex.com/bdpa. 

Employers  -  To  exhibit  at  the  Career  Expo,  please  call  Gloriann  Clark  at  310-309-4409. 


To  register  or  get  more  information  on  attending  the 
conference,  which  features  over  3D  workshops,  please  call 

800-727-BDPA  or  visit  us  at  vvww.bdpa.org/conference.cfm. 


SENIOR  PROGRAMMER  ANA¬ 
LYST:  Will  formulate  and  define 
systems  scope  and  objectives  in 
order  to  design,  develop  or  mod¬ 
ify  information  systems.  Involved 
in  all  processes  concerning  sys¬ 
tems  analysis  and  programming, 
including  design  factors,  hard¬ 
ware  and  software  require¬ 
ments.  Will  identify  and  analyze 
business  requirements  geared 
toward  applying  computer  tech¬ 
nology  to  business  processes. 
Will  create  functional  specifica¬ 
tions  and  derivative  programs. 
Will  conduct  vendor  application 
software  research  and  evalua¬ 
tion  and  install  customized  ven¬ 
dor  packages  and  complete  sys¬ 
tem  integration  as  required.  Will 
analyze  and  prepare  documen¬ 
tation  on  application  systems  for 
internal  and  external  use.  Will 
act  as  liaison  from  internal  busi¬ 
ness  personnel  and  IS  units  to 
outside  vendors  and  IS  commu¬ 
nities.  Will  provide  administra¬ 
tive  functionality,  training  and 
application  support  for  vendor 
package.  Min.  Reqts:  BS/BA 
(foreign  equivalent  accepted)  in 
CS,  EE.  MIS  or  related  field  of 
study  plus  2  years  exp.  in  job 
offered  or  in  related  occupation 
(i.e.  systems  Programming  or 
Analysis).  MUST  possess 
demonstrated  expertise  in  the 
following.  (1)  Major  system 
installation  including  develop¬ 
ment.  implementation,  and 
maintenance  of  distributed  sys¬ 
tems;  (2)  Applications  develop¬ 
ment  for  financial  services  prod¬ 
ucts  and  industry  including 
financial  reporting;  and  (3) 
Programming  and  analysis 
using:  Visual  C++.  Cold  Fusion, 
PVCS  Dimensions,  and 
Installshield.  Basic  pay  range  is 
$  56  SOO  -  $  65,000  per  year  FT 
and  standard  company  benefits 

IEEO  Submit  2  resumes  and 
respond  to  Case  No  2002- 
02297.  Labor  Exchange  Office. 
19  Stanford  Street.  1st  Floor. 
Boston  MA  02114. 


Mgr  of  R&D  for  Hardware  Solu¬ 
tions.  Atlanta,  GA.  Coordinate/ 
plan  ITT  R&D  for  remote  monitor¬ 
ing  platform  project  teams  in  US 
and  Romania.  Ensure  company 
proprietary  sys.  &  techs.  Are  cor¬ 
rectly  utilized  in  designing  hard¬ 
ware  boards  for  clients  world¬ 
wide.  Coord.  Software  &  scen¬ 
ario  testing  for  hardware  boards. 
Prepare  progress  reports  &  rec¬ 
ommendations.  Maintain  commu¬ 
nications  w/  dvpmt.  Teams  in 
Romania  &  advise  Romanian 
teams  on  tech.  Issues.  Req: 
Bachelor's  degree  or  foreign 
equiv.  In  Electrical  Engg.  5  yrs 
exp.  In  job  offered  or  in  network 
engg.  Following  exp.  (may  be 
concurrent):  3  yrs.  Exp.  In  design/ 
installation/maintenance  of  com¬ 
puter  sys.  &  networks  at  custom¬ 
er  locations;  3  yrs.  Exp.  In  instal- 
lation/config.  Of  OS  software  & 
custom  appls.,  incl.  Microsoft  OS 
software,  UNIX  OS  (SINIX,  LIN¬ 
UX),  and  Informix,  3  yrs.  Exp.  In 
design  &  implementation  of  LAN/ 
WAN  hardware  solutions,  includ¬ 
ing  network  mgmt.  Software. 
Proficiency  in  Romanian.  Res¬ 
ume:  Ms.  Cary  Reams,  NIVIS 
LLC,  1000  Circle  75  Pkwy.  Ste. 
300,  Atlanta.  GA  30339. 


SBI  is  looking  for  the  following 
positions  for  its  offices  in 
Houston,  TX,  San  Francisco, 
CA,  Warren,  NJ,  Salt  Lake 
City,  UT  and  Portland,  OR: 
Programmer  Analysts,  Tech¬ 
nical  Architects,  Technical 
Consultants,  Business  Strate¬ 
gists,  Systems  Analysts,  Soft¬ 
ware  Engineers.  Art  Director, 
resumes  by  email  or  fax  only 
to  HR.  SBI  2825  East 
Cottonwood  Parkway,  Suite 
480,  Salt  Lake  City,  UT 
84121: 

careers@sbiandcompany.com; 

Fax  (801)  733-3201. 


COMPUTER  PROFESSIONALS 

Opportunities  for: 

•WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 

SKILLS: 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  •  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM.  DCOM  •  JSP  •  HTML 

•  JAVA.  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES  •  XML.UML 

•  MTS  •  CLARIFY  •  PERL 

•  OBJECTPERL  •  SPYPERL 

•  SMALLTALK  •  PL/SQL 

•  VISUAL  AGE  •  COBOL,  SPL, 
UNIX 

Visit  our  website  @ 
www.computerhorizons.com 

Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr.,  Computer  Horizons 
Corp..  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000.  E-mail:  jobs@ 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F. 


Innovision  Technologies,  a 
dynamic  company,  is  looking  for 
system  analysts.  IT  profession¬ 
als  and  software/project  engi¬ 
neers.  BS  plus  some  experi¬ 
ence  is  required.  We  offer  attrac¬ 
tive  wage  with  full  benefits,  401k 
and  job  is  stable.  Please  send 
resumes  to: 

iti@innovisiontech.com.  EOE 

Infomerica  is  looking  for  sys¬ 
tem/programmer  analysts,  soft¬ 
ware/project  engineers  &  com¬ 
puter  consultants  working  at  dif¬ 
ferent  sites  (travel  required). 
Candidates  must  have  BS  with 
exp  in  IT  fields.  Skills  of  Oracle, 
Informix.  Java  preferred.  Send 
resumes  to: 

info@infomericainc.com.  EOE 


Intergraph  Process,  Power  &  Off¬ 
shore.  a  division  of  Intergraph 
Corporation,  supplies  integrated 
lifecycle  solutions  for  the  design, 
construction,  and  operation  of 
process  and  power  plants,  off¬ 
shore  rigs  and  ships.  We  have  the 
following  positions  available: 

Senior  Software  Analysts 

Plant  Design  j 

Plan  and  conduct  complex  pro¬ 
gramming/software  assignments  in 
the  development  of  complex  soft¬ 
ware  systems  for  Company’s  prod¬ 
ucts.  Requires  Bachelor's  degree/ 
equivalent  in  Computer  Science, 
Math,  Engineering  or  related  tech¬ 
nical  field  +  3  years  related  experi¬ 
ence;  or  a  Master's  degree/equiva¬ 
lent  +  1  year  of  related  experience. 
To  include  a  minimum  of  6  months 
experience  in  programming,  de¬ 
signing,  developing,  trouble  shoot¬ 
ing,  and  implementing  complex 
and  integrated  software  systems 
for  Plant  Design,  Product  Data 
Management,  Instrumentation, 
Piping,  AIM,  CAD,  Naval  Architec¬ 
ture,  3D  Applications,  or  Structural 
Engineering  and  6  months  experi¬ 
ence  programming,  designing,  de¬ 
veloping,  trouble  shooting,  and 
implementing  complex  and  inte¬ 
grated  software  systems  using 
C/C++  and  Visual  Basic,  Oracle, 
SQL,  COM,  or  Visual  Test. 

Senior  Support  Engineers 
Plant  Design 

Provide  technical  support  and  con¬ 
sulting  services  for  complex  Plant 
Design  software  systems.  Re¬ 
quires  Bachelor's  degree/equiva¬ 
lent  in  Computer  Science,  Math, 
Engineering,  or  related  technical 
field  +  6  years  related  experience 
or  a  Master’s  degree/equivalent  + 
4  years  related  experience.  To 
include  3  years  experience  in  sup¬ 
porting,  configuring,  and  trou¬ 
bleshooting  complex  process, 
power,  or  ship  design  software 
systems  using  SQL  and  Oracle  on 
a  Windows  operating  system. 

Intergraph  offers  relocation  assis¬ 
tance,  a  highly  professional  work¬ 
ing  environment,  excellent  ad¬ 
vancement  potential,  competitive 
salaries,  and  company-paid  bene¬ 
fits  including  a  matching  401  (k) 
plan.  For  immediate  consideration, 
please  send  your  resume  to 
Intergraph  Process,  Power  &  Off¬ 
shore,  Attn:  Sharon  Wolchik,  Fax: 
(256)730-3428;  Email:  srwolchi@ 
ingr.com.  Please  specify  position 
title  of  interest  and  this  reference 
number:  #L03.  Intergraph  is  an  Af¬ 
firmative  Action/Equal  Opportunity 
Employer.  M/F.D.V. 


Network  Administrator,  8a- 
5p.  40  hrs/wk.  Integrate, 
install  &  maintain  LAN  & 
WAN  systms.  Test,  monitor 
&  troubleshoot  network 
h/ware  &  s/ware  as  needed 
using  UNIX  admin  on  Sun 
Solaris.  Bach  or  equiv 
w/major  in  Comp  Sci  or 
Engg,  Electronics  or  related 
field.  2  yrs  in  job  or  as 
Network  Engr.  Resume: 
Ultra  Telecom,  Inc.,  1600 
Oakbrook  Dr.,  Ste  520, 
Norcross,  GA  30093. 


Technical  Project  Leads 
needed  in  unanticipated 
client  sites  to  coord,  monitor 
&  expedite  all  business- 
related  tasks  such  as  lead 
RGSs  to  obtain  &  analyze 
business  &  systm  reqmts, 
prep  &  negotiate  contract 
proposals  &  deliver  presen¬ 
tations,  act  as  liaison  to 
build  CRM  solution  tools, 
maintain  timelines,  perform 
mkt  rsrch  &  analysis.  Apply 
to:  Hireme,  Global 

Consultants,  25  Airport  Rd, 
Morristown,  NJ  07960. 


CyberSoft  Technologies,  Inc. 
specializes  in  Web-based  solu¬ 
tions.  web  integration,  data 
warehousing.  Looking  for  the 
following  positions: 

Systems  Analysts:  Analyze, 
design,  develop,  test,  and  im- 
plementB2B,  Enterprise  Appli¬ 
cation  Integration  and  Distrib¬ 
uted  Applications  using  Rational 
Rose,  UML,  C#.NET,  ASP.NET, 
SQL  Server,  XML  WebServices 
and  Data  Warehousing  tools. 
Need  Bachelor's  degree  in 
Computers  or  Engineering  or  a 
related  field.  Need  2+  years  of 
experience. 

Send  resume  to:  HR,  4420  FM 
1960  West,  Suite  #222, 
Houston,  TX  77068  or  via  email: 
jobs@cybersoftech  .com . 


Looking  for 
a  new  career? 


The  new  itcareers.com 
and  CareerJournal.com 
combined  jobs  database 
can  help  you  find  one. 

Check  us  out  at: 


www.itcareers.com 


The  World  Of  Work  Is 
Changing  Every  Week. 


*  M- 


Luckily,  We  Are  Too! 


itcareers.com  is  now 
powered  by 
CareerJournal.com! 
Search  for  jobs  and  post 
your  resume  here  on 

www.itcareers.com 
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Position  based  in  HR  Systems  and 
requires  strong  knowledge  of 
PeopleSoft  architecture  as  it  relates 
to  application  servers,  web  servers, 
database  servers,  tuxedo  messag¬ 
ing  and  process  scheduler.  Will  use 
project  management  knowledge 
skills,  tools  and  techniques  to  lead 
and  execute  multiple  project/ser¬ 
vice  initiatives  of  moderate  or  great¬ 
er  size,  complexity  and  impact  Will 
plan,  organize,  actuate  and  control 
delivery  of  IT  products  and  ser¬ 
vices  Duties  will  involve  the  con¬ 
struction/configuration.  installation 
and  maintenance  of  complex  or 
pioneer  application/system  soft¬ 
ware.  full  testing  of  application/sys¬ 
tem  software  and  configurations 
creation  and/or  updating  of  applica¬ 
tion/system  documentation;  design¬ 
ing  application/system  solutions 
that  emphasize  preventive  versus 
corrective  measures;  and  identify¬ 
ing  appropnate  technical  solutions 
Requires  bachelor's  degree  or  its 
equivalent  in  Computer  Science  or 
a  related  field  and  three  years  ex¬ 
perience  with  PeopleSoft.  Position 
is  located  in  Omaha.  Nebraska 
Fulltime.  M-F  Salary  $70. 000/year 
No  assistance  with  relocation 
expenses  is  offered. 

Interested  applicants  may  submit 
their  resumes  to  www.conaora 
foods.com.  click  on  "careers",  then 
"apply  now"  Note  you  must  type 
in  the  following  code  of  C00181  in 
order  to  apply  for  this  position. 
Failure  to  correctly  enter  this  infor¬ 
mation  will  result  in  non-considera¬ 
tion  for  the  position.  You  may  also 
submit  your  resume  to  ConAgra 
Foods.  Inc.,  Attn  Nadine  Ries. 
Human  Resources,  ETS-200,  7300 
World  Communications  Drive. 
Omaha.  NE  68122. 


TechNation  Software  Consulting, 
Inc,  a  software  consulting  company 
with  its  main  place  of  business  at 
Sioux  Falls,  SD  has  multiple  posi¬ 
tions  for  Software  Professionals  in 
the  area  of  Datawarehousing 
Technologies  and  in  Middleware 
TechNation  intends  to  build  a  top 
notch  team  that  can  provide  solu¬ 
tions  in  these  areas  and  is  looking 
for  professionals  at  Techlead. 
senior  programmer  analysts  and 
developer  positions 

1.  Techleads:  Will  lead  a  team  of 
3-5  programmers  in  new  devel¬ 
opment/maintenance,  provide 
design,  lead  the  team  in  devel¬ 
opment  and  will  allocate  work 
and  take  responsibility  of  time 
schedules. 

2.  Senior  Programmer  Analysts; 
Will  analyze  client  needs,  eval¬ 
uate  existing  software,  gather 
requirements,  and  help  design 
the  specs  along  with  taking 
part  in  customization  of  soft¬ 
ware. 

3.  Developers:  Will  code,  help 
customize  software  and  will 
perform  unit  testing. 

Requirements.  All  positions  require 
BS  in  Comp.  Science  or  its  equiva¬ 
lent  with  more  than  3  years  of  over¬ 
all  IT  Experience.  All  positions  will 
require  experience  in  one  of  Busin¬ 
ess  Objects.  Cognos,  Informatica, 
Oracle  Express.  Siebel,  Tibco  or  in 
WebMethods  with  experience  in 
allied  Internet  technologies. 

TechNation  provides  onsite-consul¬ 
ting  services  to  clients  across  the 
United  States  and  hence  a  key 
requirement  for  all  positions  is  that 
candidates  must  be  willing  to  relo¬ 
cate  across  the  country  for  penods 
between  3-6  months  or  as  needed 

Send  resumes  to  Rona  Troff.  300 
N  Dakota  Ave.  Suite  #505-B,  Sioux 
Falls.  SD  57104  or  email  rtroff@ 
tnscinc.com  .  Fax:  530-733-2775 


Account  Executive 

Initiate,  engage,  develop,  and  man¬ 
age  business  relationships  and 
partnerships  including:  prospect 
generation,  preparation  and  pre¬ 
sentation  of  solutions  and  proposal 
preparation  and  finalization  for 
Odyssey  and  Flowmate  based  pro¬ 
jects.  Bachelors  degree  in  Bus¬ 
iness  or  Economics  and  2  yrs.of 
exp  or  2yrs.  of  exp  in  a  related 
position  w/ability  to  use:  Odyssey 
and  Flowmate  and  knowledge  of 
ISO  9001  and  CMM  Level  4  con¬ 
cepts  40.0  hrs./wk  9:00  AM  -  6:00 
PM  Applicants  send  cover  letter 
and  resume  to  SRA  Systems.  1945 
Cliff  Valley  Way.  #270.  Atlanta,  GA 
30339.  ATTN:  S  Nagarajan 


§&Qigr  .Database  Adroin&ralor 

The  Senior  Database  Administrator 
will  function  as  a  key  member  of  the 
IT  Infrastructure  team  responsible 
for  the  definition,  design,  documen¬ 
tation  and  on-going  support  for 
SQL  databases  for  the  Chicago- 
based  ConAgra  Foods  companies. 
This  will  include  overseeing  all 
aspects  of  database  administration 
on  all  related  servers  for  this  oper¬ 
ating  group;  design,  implementa¬ 
tion  and/or  modification  of  data¬ 
base;  performing  server-level  an¬ 
alysis  to  determine  future  growth 
patterns  and  appropriate  new  tech¬ 
nologies;  and  the  diagnosis,  correc¬ 
tion  and  prevention  of  computer 
systems  errors  and  failures  on  end- 
user  and  network  levels.  The  can¬ 
didate  must  possess  experience  in 
the  following  areas:  Kronos™  Time 
and  Attendance  management  sys¬ 
tems  (including  Workforce  Central 
Suite.  Data  Collection  Manager, 
and  NexTrak  Leave  Management 
system);  Record  Archive  system; 
Database  Recovery  Plan;  and 
SPC9000™  Statistical  Process 
Control.  Position  requires  minimum 
of  a  Bachelor's  degree  in  Computer 
Science/Engineering  or  a  related 
field  and  five  (5)  years  experience 
in  a  position  that  involves  imple¬ 
mentation  of  complex  systems  pro¬ 
jects.  Position  fulltime.  M-F.  Salary 
$86, 750/year.  Job  is  located  in 
Downers  Grove,  Illinois.  Reloca¬ 
tion  assistance  for  this  position  is 
not  provided  by  the  Company. 

Interested  applicants  may  submit 
their  resumes  to  www.conaora 
foods.com.  click  on  "careers",  then 
"apply  now".  Note:  You  must  type 
in  the  following  code  of  CIMN00764 
in  the  box  labeled  "In  what  job  are 
you  interested"  in  order  to  apply  for 
this  position.  Failure  to  correctly 
enter  this  information  will  result 
Nadine  Ries.  SPHR,  Human 
Resources  ETS-200.  7300  World 
Communications  Drive,  Omaha. 
NE  68122. 


Teksoft  Inc  is  a  growing  software 
development  and  consulting  firm 
in  Houston.  We  are  looking  for 
Computer  Professionals  for  the 
following  positions. 

Software  Engineer:  Research, 
analyze,  design  and  develop  in¬ 
ternet  programs  for  WEB  based 
knowledge  management,  cus¬ 
tomer  relationship  management, 
sales  force  automation  and  e- 
commerce  for  development  of 
SAP  packages.  Must  have  kno¬ 
wledge  of  any  SAP  (  I.S  )  Indus¬ 
try  Solutions  modules.  Requires 
Masters  degree  in  Computer 
Science  or  in  a  related  field  and 
1  one  year  of  experience  in  the 
advertised  position  or  in  a  simi¬ 
lar  position  and  ability  to  use 
SAP  Industry  Solutions  mod¬ 
ules.  Must  be  willing  to  travel. 
Programmer  Analyst:  Plan,  test 
and  develop  internet  based  pro¬ 
grams  for  ERP  packages,  CRM. 
Sales  force  automation  and  E- 
Commerce.  Requires  a  Bachel¬ 
ors  degree  in  Computer  Science 
or  in  a  related  field  and  one  year 
of  experience  in  the  advertised 
position  or  in  a  similar  position 
and  ability  to  use  ERP  and 
CRM.  Must  be  willing  to  travel. 
Send  Resume  and  Cover  letter 
to:  Teksoft,  Inc.  7457  Harwin  Dr, 
#  303-B,  Houston.  TX  77036. 


SOFTWARE  ENGINEER  to  an¬ 
alyze,  design,  develop,  test,  im¬ 
plement  and  maintain  software 
systems  for  e-commerce  appli¬ 
cations  using  object  oriented 
methodology  with  Visual  Basic, 
SQL  Server,  UNIX,  Oracle,  Java 
and  web  technology.  Require. 
B.S.  in  Computer  Science/ 
Engineering  and  six  months 
experience  in  the  job  offered  or 
any  experience  providing  skills 
in  described  duties  (experience 
may  be  full  time  or  equivalent 
part  time).  Coursework  must 
include  Operating  Systems  and 
Algorithmic  Analysis.  Compet¬ 
itive  salary  and  benefits.  8:30 
am  to  5pm,  M-F.  Apply  with 
resume  to:  President,  Credit 
Card  Management.  Inc.,  7289 
Garden  Road.  Suite  113,  Riviera 
Beach.  FL  33404. 


SENIOR  PROGRAMMER  ANA¬ 
LYST:  Duties  include:  Will  formu¬ 
late  and  define  systems  scope 
and  objectives  in  order  to  pur¬ 
chase.  design,  develop  or  modi¬ 
fy  information  systems.  Involved 
in  all  processes  concerning  sys¬ 
tems  analysis  and  programming, 
including  design  factors,  hard¬ 
ware  and  software  require¬ 
ments,  system  facilities,  and  job 
control  procedures.  Will  identify 
and  analyze  business  require¬ 
ments  geared  toward  applying 
computer  technology  to  busi¬ 
ness  processes.  Will  create 
functional  specifications  and 
derivative  programs.  Will  con¬ 
duct  vendor  application  software 
research  and  evaluation  and 
install  customized  vendor  pack¬ 
ages  and  complete  system  inte¬ 
gration  as  required.  Will  analyze 
and  prepare  documentation  on 
application  systems  for  internal 
and  external  use.  Min.  Reqs.: 
BS/BA  (foreign  equivalent 
accepted)  in  CS,  EE  or  related 
field  of  study  plus  2  years  exp.  in 
job  offered  or  2  years  exp.  in 
related  occupation  (i.e. 
Programming  or  Systems 
Analysis).  MUST  possess 
demonstrated  expertise  in  the 
following:  (1)  Major  system 
installation  including  develop¬ 
ment,  implementation,  and 
maintenance  of  distributed  sys¬ 
tems;  (2)  Programming  with 
Visual  Basic/C,  Cold  Fusion, 
and  Powerbuilder;  (3) 
Application  design  in  support  of 
Group  Insurance  product 
requirements;  and  (4)  Using 
Crystal  Reports,  PVCS 
Dimensions,  or  Installshield. 
Salary  Range  $55,500  to 
$65,000  per  year  FT  and  stan¬ 
dard  company  benefits.  EEO. 
Submit  2  resumes  and  respond 
to  Case  No.  2002-02289,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114. 


Software  Engineer  4  wanted  to 
develop  &  customize  multi-lin¬ 
gual  real  time  voice  recognition 
applications  for  large-scale  com¬ 
mercial  wireless  networks  on 
Windows/UNIX  platforms;  define 
natural  language  grammars 
using  parsing  &  object  oriented 
technologies;  implement  &  inte¬ 
grate  Oracle  procedures,  trig¬ 
gers  &  packages  to  store  sub¬ 
scriber  data;  design,  implement 
&  test  feature  enhancements; 
customize  VoiceXML  applica¬ 
tions  for  voice  portal,  next  gen¬ 
eration  voice  mail  &  unified  mes¬ 
saging  products;  provide  tech, 
lead  support  for  customization  of 
features  for  delivery  to  cus¬ 
tomers.  Must  have  Bach.  deg. 
in  Comp.  Sci.,  Elect.  Eng.  or 
related  field  &  4  yrs.  software 
development  exper.,  incl.  at 
least  1  yr.  exper.  with  compilers 
&  parsing,  &  incl.  exper.  with 
large-scale  commercial  net¬ 
works,  object  oriented  technolo¬ 
gies,  Oracle  &  XML  applications. 
Salary  $85,561/yr.  Send  2 
resumes  to  Case#200202346, 
Labor  Exchange  Office,  19 
Staniford  St.,  st  FI.,  Boston,  MA 
02114. 


Software  Development 

V.L.S.  Systems  Inc  is  a  software 
development  and  consulting  co 
with  multiple  openings  for  Software 
Engineers,  DBA's,  and  Program¬ 
mer  Analysts  to  work  at  client  sites 
throughout  the  United  States.  Indi¬ 
viduals  must  have  a  minimum  of  a 
Bachelor  Degree  and  2  years  of 
experience  in  software  application 
design,  programming,  administra¬ 
tion  and  testing  of  any  of  the  follow¬ 
ing:  CRM,  ERP,  Client/Server. 
Mainframe  and  Web  Applications 
using  any  of  the  following  Siebel, 
Oracle  Apps.  PeopleSoft,  SAP.  MS 
SQL  Server,  UDB/DB2,  Sybase, 
Abinitio,  SeeBeyond,  Vignette. 
C++.  ASP.NET.  XML.  Java.  J2EE, 
Java  Scnpt.  Perl,  HTML.  Cobol, 
CICS,  MVS/ESA,  Unisys.  Visual 
Basic.  COM+.  MTS.  Cognos, 
Websphere,  Weblogic,  Web  Meth¬ 
ods,  Unix,  Windows  NT/2000/XP 
Embedded  related  tools.  Apply  to 
V.L.S.  Systems.  9900  Main  Street. 
Suite  304,  Fairfax.  VA  22031 . 


For  over  20  years,  Syntel  employees  across  North  America,  Europe,  and 
Asia  have  helped  build  advanced  information  technology  systems  for  lead¬ 
ing  Fortune  500  companies  and  government  organizations  to  improve  their 
efficiency  and  competitiveness.  Today,  Syntel  professionals  are  building 
rewarding  careers  by  providing  solutions  in  e-business,  CRM,  Web  Design 
and  Data  Warehousing. 

Come  discover  why  Forbes  magazine  placed  Syntel  second  on  its  list  of 
“The  200  Best  Small  Companies  in  America"  and  Business  Week  ranked 
us  #1 1  on  its  list  of  Hot  Growth  Companies. 

Due  to  our  rapid  growth,  we  have  immediate,  full-time  opportunities  for 
both  entry-level  and  experienced  Software  Engineers,  Consultants, 
Programmers,  Programmer/ Analysts,  Project  Leaders,  Project  Managers, 
Supervisors,  Database  Administrators,  Computer  Personnel  Managers 
and  Computer  Operations/ Account  Managers/Account  Executives  with 
any  of  the  following  skills: 

Mainframe 

•  IMS  DB/DC  or  DB2,  MVS/ESA, 

COBOL,  CICS 

DBA 

•  ORACLE  or  SYBASE 

Client-Server/WEB 

•  Siebel 

•  Websphere 

•  Com/DCom 

•  Web  Architects 

•  Datawarehousing 

•  Informix,  C  or  UNIX 

•  Oracle  Developer  or  Designer  2000 

•  JAVA,  HTML,  Active  X 

•  Web  Commerce 

•  SAP/R3,  ABAP/4  or  FICO  or  MM 
&  SD 


•  Focus,  IDMS  or  SAS 


•  DB2 


Oracle  Applications  &  Tools 
Lotus  Notes  Developer 
UNIX  System  Administrator 
UNIX,  C,  C++,  Visual  C++,  CORBA. 
OOD  or  OOPS 
■  WinNT 

Sybase,  Access  or  SQL  server 

PeopleSoft 

Visual  Basic 

PowerBuilder 

IEF 


Account  Executives,  Account  Managers  and 
Business  Development/ Account  Specialist 

positions  available. 

Some  positions  require  a  Bachelor's  degree,  others  a  Master's  degree.  We  also 
accept  the  equivalent  of  the  degree  in  education  and  experience. 

With  Syntel  (NASDAQ:  SYND,  you'll  enjoy  excellent  compensation,  full  benefits, 
employee  stock  purchase  plan  and  more.  Please  forward  your  resume  and 
salary  requirements  to:  Syntel,  Inc.,  Attn:  Recruiting  Manager-LD07, 

525  E.  Big  Beaver,  Suite  300,  Troy,  Ml  48083.  Phone:  248-619-2800; 
Fax:  248-619-2888.  Equal  Opportunity  Employer. 


SVNirEL 

www.syntelinc.com 
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SENIOR  PROGRAMMER  ANA¬ 
LYST:  (Ancillary  IS  Support 
Dept )  Duties  include:  Formulate 
and  define  systems  scope  and 
objectives  in  order  to  purchase, 
design,  develop  or  modify  infor¬ 
mation  systems.  Respon¬ 
sibilities  &  duties  include:  ID  and 
analysis  of  business  require¬ 
ments  geared  towards  applying 
computer  technology  to  busi¬ 
ness  processes;  creating  func¬ 
tional  specifications  and  pro¬ 
gramming  to  these  specifica¬ 
tions  where  no  suitable  vendor 
solution  has  been  identified  to 
solve  business  problem;  vendor 
application  software  research 
and  valuation;  installation  and 
customization  of  vendor  pack¬ 
ages  as  required  by  business 
community;  system  integration 
as  required  by  business  func¬ 
tionality;  creating  functional 
specifications  and  programming 
conversion  and  interface 
processes;  analysis,  preparation 
of  documentation  and  presenta¬ 
tion  to  the  Technology  Planning 
committee  on  SW  application 
systems  requested  to  be  devel¬ 
oped/purchased  by  the  business 
community;  act  as  a  liaison 
between  business  personnel  in 
the  ancillary  departments  and 
outside  vendors,  Central  IS  or 
other  business  units'  IS  commu¬ 
nities  on  any  IT-related  issues; 
and  provide  administrative  func¬ 
tionality,  training  and  application 
support  for  vendor  packages, 
where  appropriate.  Min  Reqt's: 
BS/BA  (foreign  equivalent 
accepted)  in  CS.  EE  or  related 
field  of  study  plus  2  years  exp.  in 
job  offered  or  2  years  exp.  in 
related  occupation  (i.e. 
Programming  or  Systems 
Analysis).  MUST  possess 
demonstrated  expertise  in  the 
following:  (1)  Major  system 
installation  including  develop¬ 
ment,  implementation,  and 
maintenance  of  distributed  sys¬ 
tems;  (2)  Programming  and 
Database  develop.  with: 
VB/C++,  Java,  MS  SQL  Server 
and  Access  databases;  (3) 
Applications  development  for 
financial  services  products  and 
industry  including  financial 
reporting;  and  (4)  Using  Crystal 
Reports.  PVCS  Dimensions,  or 
Installshield.  Basic  salary  pay 
range  is  $55,500-65,000  per 
year  FT  and  standard  company 
benefits.  EEO  Submit  2 
resumes  and  respond  to  Case 
No.  2002-02295,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  Floor.  Boston,  MA 
02114. 


Seeking  qualified  applicants  for  the 
following  positions  in  Colorado 

Application  Analyst  Plan,  direct  and 
coordinate  large-scale  IT  develop¬ 
ment  projects  and  serve  as  liaison 
between  developers  and  users. 
Requirements:  Bachelor's  degree  or 
equivalent*  in  computer  science, 
business,  math,  statistics  or  related 
field  plus  5  years  of  experience  in 
analyzing  business  systems  and 
developing  technical  automated 
solutions.  Expenence  with:  UNIX; 
Shell  Scripting;  and  CompuWare 
Automated  Test  Tools  also  required 
’Master's  degree  in  appropriate  field 
will  be  acceptable  and  will  offset  2 
years  of  general  experience  Sub¬ 
mit  resumes  to  Recruiting.  FedEx 
Corporate  Services.  350  Spectrum 
Loop,  Colorado  Springs,  CO  80921. 
EOE  M/F/D/V 


Software  engineers/system  ana¬ 
lyst  wanted  by  ASI  DataMyte,  a 
company  provides  total  quality 
solutions  for  the  manufacturing 
marketplace  Candidates  must 
have  BS  or  equivalent  with  min 
one-yr  experience.  Skills  in 
Oracle,  SQL.  Java  preferred. 
Apply  at  hr@asidatamyte  com. 
EOE 

Global  Consulting  is  looking  for 
programmer/system  analysts, 
software  engineers  Candidate 
must  have  BS  with  IT  experi¬ 
ence  Good  skills  In  C/C++, 
Java.  Oracle,  EJB.  J2BB. 
WebLogic,  V8,  HTML  are  plus. 
Traveling  is  required  for  some 
positions  Appiy  job@g-c-g.net 


SENIOR  PROGRAMMER  ANA¬ 
LYST;  (Ancillary  IS  support 
Dept.)  Duties  include:  Formulate 
and  define  systems  scope  and 
objectives  in  order  to  purchase, 
design,  develop  or  modify  infor¬ 
mation  systems.  Respon¬ 
sibilities  &  duties  include:  ID  and 
analysis  of  business  require¬ 
ments  geared  towards  applying 
computer  technology  to  busi¬ 
ness  processes;  creating  func¬ 
tional  specifications  and  pro¬ 
gramming  to  these  specifica¬ 
tions  where  no  suitable  vendor 
solution  has  been  identified  to 
solve  business  problem;  vendor 
application  software  research 
and  valuation;  installation  and 
customization  of  vendor  pack¬ 
ages  as  required  by  business 
community;  system  integration 
as  required  by  business  func¬ 
tionality;  creating  functional 
specifications  and  programming 
conversion  and  interface 
processes:  analysis,  preparation 
of  documentation  and  presenta¬ 
tion  to  the  Technology  Planning 
committee  on  SW  application 
systems  requested  to  be  devel¬ 
oped/purchased  by  the  business 
community;  act  as  a  liaison 
between  business  personnel  in 
the  ancillary  departments  and 
outside  vendors.  Central  IS  or 
other  business  units'  IS  commu¬ 
nities  on  any  IT-related  issues; 
and  provide  administrative  func¬ 
tionality.  training  and  application 
support  for  vendor  packages 
where  appropriate.  Min.  Reqt's: 
BS/BA  (foreign  equivalent 
accepted)  in  CS.  EE  or  related 
field  of  study  plus  2  years  exp.  in 
job  offered  or  2  years  exp.  in 
related  occupation  (i.e. 
Programming  or  Systems 
Analysis).  MUST  possess 
demonstrated  expertise  in  the 
following:  (1)  Major  system 
installation  including  develop¬ 
ment,  implementation,  and 
maintenance  of  distributed  sys¬ 
tems;  (2)  Programming  and 
Database  develop.  with: 
VB/C++,  Crystal  Reports,  MS 
SQL  Server  and  Access  data¬ 
bases;  (3)  Applications  develop¬ 
ment  for  financial  services  prod¬ 
ucts  and  industry  including 
financial  reporting;  and  (4)  Using 
PVCS  Dimensions.  Installshield, 
Unix  and  HTML.  Basic  salary 
pay  range  is  $55,500-65,000  per 
year  FT  and  standard  company 
benefits.  EEO.  Submit  2 
resumes  and  respond  to  Case 
No.  2002-02296,  Labor 
Exchange  Office.  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114. 


Project  Manager  -  Oversee  in¬ 
stallation  of  computer  telecom¬ 
munications  integration  systems 
at  client  sites.  Obtain  system 
acceptance  at  completion.  Req'd: 
Bach.  Deg.  in  Comp.  Science, 
Business  Admin  ,  or  Eng'g,  5yrs. 
exp,  in  the  job  offered,  as  a 
Systems  Eng.,  or  in  a  computer 
telecommunications  integration 
occup.  Must  have  exp.  w /  LAN, 
WAN,  PBX,  &  CTI.  Must  be  flu¬ 
ent  in  Spanish  &  willing  to  travel 
extensively  through  out  the  US, 
Central,  &  S.  America.  Resume 
to:  NICE  Systems,  Inc.  301  Rte 
17  N„  10th  FI.,  Rutherford,  NJ 
07070.  Attn:  Geraldine  Farese. 


Vice  President  Global  Infor¬ 
mation  Technology  for  Fire 
Protection  and  Electronic 
Security  industry.  Candidate 
must  have  Bachelor's  degree 
in  Comp  Sci  or  equivalent,  10 
years  managerial  exp  in  IT 
field,  and  exp  in  ERP  imple¬ 
mentation  and  Baan.  Send 
resume  and  salary  require¬ 
ments  to:  communicationse@ 
sensormatic.com  or  mail  to 
Sensormatic  Electronics 
Corporation,  attn:  Human 
Resources  Department,  6600 
Congress  Avenue,  Boca 
Raton.  FL  33487. 


BUSINESS  SYSTEMS  ANA¬ 
LYST:  Duties  include:  Will  assist 
in  formulation  and  definition  of 
systems  scope  and  objectives  in 
order  to  purchase,  design, 
develop  or  modify  information 
systems.  Involved  in  supporting 
all  processes  concerning  sys¬ 
tems  analysis  and  programming, 
including  design  factors,  hard¬ 
ware  and  software  require¬ 
ments,  system  facilities,  and  job 
control  procedures.  Will  identify 
and  analyze  business  require¬ 
ments  geared  toward  applying 
computer  technology  to  busi¬ 
ness  processes.  Will  create 
functional  specifications  and 
derivative  programs  Will  con¬ 
duct  vendor  application  software 
research  and  evaluation  and 
install  customized  vendor  pack¬ 
ages  and  complete  system  inte¬ 
gration  as  required.  Will  analyze 
and  prepare  documentation  on 
application  systems  for  internal 
and  external  use.  Min.  Reqs.: 
BS/BA  (foreign  equivalent 
accepted)  in  CIS,  MIS.  Business 
or  related  field  of  study  plus  6 
months  exp.  in  job  offered  or  6 
months  exp.  in  related  occupa¬ 
tion  (i.e.  Systems  Analysis  for 
Business  Applications).  MUST 
possess  demonstrated  experi¬ 
ence  and  working  knowledge  in 
the  following:  (1)  Training,  evalu¬ 
ating  and  administering  SW 
packages;  (2)  Database  model¬ 
ing  and  reporting;  and  (3)  SW 
implementation  -  including  test¬ 
ing  and  process  mapping  to 
meet  business/financial  require¬ 
ments.  Basic  pay  is  $55,952  per 
year  FT  and  standard  company 
benefits.  EEO.  Submit  2 
resumes  and  respond  to  Case 
No.  2002-02288,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114. 


Programmer  Analyst.  Analyze 
customer  system  reqmts  using 
Unified  Process,  prototyping  & 
other  methodologies  &  recom¬ 
mend  course  of  action; 
research,  test,  recommend,  & 
implmt  h/ware  &  s/ware  pur¬ 
chases;  dvlp  new  &/or  modify 
existing  systms.  ind  writing 
prgm  specs,  coding  &  dsgng 
data  bases;  create  test  plans  & 
eval  test  reports;  provide  pro¬ 
duction  &  customer  support.  BS 
in  Math  or  related  field  or  equiv 
education  &  exp  +  3  yrs  exp  as 
Systms  Analyst,  Prgmr  or  similar 
duties  under  a  different  job  title. 
Exp  must  incl:  prgmg  in  COBOL; 
systms  analysis  &  dsgn;  systms 
&  data  processing  policies,  prac¬ 
tices  &  procedures;  mainframe 
&/ or  client-server  envrmts. 
Demonstrated  written  &  oral 
communication  skills.  40hrs/wk, 
$61K/yr.  Must  have  proof  of 
legal  auth  to  work  in  US.  Send 
your  resume  to  IA  Workforce 
Center,  215  Watson  Powell  Jr. 
Way,  Des  Moines,  IA  50309- 
1727.  Please  refer  to  Job  Order 
#IA1101762.  Employer  paid  ad. 


Software  Engineers  &  Prog¬ 
rammers:  Analyze,  design, 
develop,  test  and  maintain  a 
highly  sophisticated/interac¬ 
tive  Web  Portal,  e-commerce 
and  content  management 
system  encompassing  over 
500  categories  and  22,000 
products/services  and  soft¬ 
ware  solutions  employing 
state  of  the  art  engine  search 
technology  including  DB2  7.0, 
WebSphere  3.5,  IBM  Server, 
Tomcat,  Oracle/Oracle  9iAS, 
WebLogic,  Microsoft  Visio, 
UML,  P3P,  IBM  policy  Editor, 
SilverPop  &  Accucast  email 
servers,  SalesLogix,  Prof¬ 
icient,  Web  Trends  &  KeyLine 
tracking,  Starteam,  Unix  Shell 
Scripting,  Ultra  edit,  Top  Style 
Pro,  XML,  J2EE  and  related 
technologies.  For  Info  or  to 
apply,  contact  Human 
Resources,  KnowledgeStorm, 
Inc.,  2520  Northwinds 
Parkway,  Suite  300, 
Alpharetta,  GA  30004.  EOE. 
No  phone  calls  please 


Senior  Oracle  Database  Adm¬ 
inistrator  -  Train  junior  level 
Oracle  Database  Administrators 
Implement  and  maintain  Oracle 
databases.  Plan,  coordinate  and 
administer  Oracle  11  i  application 
components  and  databases 
including  perform  account  main¬ 
tenance.  maintain  security 
integrity  controls,  create  data¬ 
base  objects,  install  and 
upgrade  production  and  devel¬ 
opment/test  databases.  Data¬ 
base  and  application  upgrades, 
capacity  planning  and  space 
management,  standards  devel¬ 
opment,  operational  guidelines 
and  protection.  Plan  and  per¬ 
form  backup  and  recovery 
strategies.  Monitor/tune  and 
optimize  database  performance. 
"On-call"  duties  for  mission  criti¬ 
cal  applications  and  implemen¬ 
tation  of  database  replication 
and  system  interfaces.  Assume 
database  responsibilities  in  sup¬ 
port  of  application  implementa¬ 
tion  efforts.  Specialized  in 
RDBMS  and  UNIX.  Require¬ 
ments  include  a  Bachelors 
degree  or  equivalent  in 
Computer  Science,  Automatic 
Control  or  related  field  and  five 
years  of  work  experience  in  the 
job  offered  or  related  field  of 
database  administration  using 
knowledge  in  SQL,  UNIX,  UNIX 
SHELL,  Client/Server,  RDBMS, 
ORACLE  APPLICATIONS  111, 
ORACLE  81,  Web  server. 
Windows  and  Windows  NT. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $72,421/ 
year.  40  hours/wk.  Respond 
with  two  copies  of  resume  to 
Case  #200202574,  Labor 
Exchange  Office,  19  Staniford 
St„  1st  FI.,  Boston,  MA  02114. 


Software  Engineer 
(Bioinformatics) 

Genaissance  Pharmaceuticals,  Inc. 
has  an  immediate  opening  in  its 
New  Haven,  Connecticut  facility  for 
a  Software  Engineer  (Bioinformat¬ 
ics).  Will  develop  and  execute  soft¬ 
ware  system  test  plans  and  perform 
various  database,  data  mining,  inte¬ 
gration  research,  and  design  and 
testing  assignments  in  the  develop¬ 
ment  of  computer  systems  and  ap¬ 
plications  in  the  field  of  Bioinformat¬ 
ics.  Must  possess  a  Ph.D.  in  Life 
Sciences,  Mathematics,  Physics,  or 
Computer  Science;  and  relevant 
work  experience,  including  experi¬ 
ence  with  mathematical  modeling 
and  concepts,  such  as  probability 
and  statistical  inferences  and  algo¬ 
rithmic  proofs,  socket  programming 
for  BSD  Kernel  and  Java.  Oracle 
computing-based  environment,  Ja¬ 
va  and  SQL  programming  lang¬ 
uages,  and  UNIX  operating  system. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above  and 
specify  reference  code  SZ/SEB  or  it 
will  be  rejected.  Forward  resume  to: 
Leigh  Webb,  Human  Resources 
Associate,  Genaissance  Pharma¬ 
ceuticals,  Inc.,  Five  Science  Park, 
New  Haven,  CT  06511.  We  are  an 
equal  opportunity  employer. 


COMPUTER 

Accelrys,  Inc.,  a  leading  provider 
of  scientific  software  for  biolo¬ 
gists,  chemists  and  materials 
scientists,  has  a  SOFTWARE 
ENGINEER  position  available  in 
San  Diego,  CA.  Requires  Ph.D. 
in  Computer  Science,  Electrical 
Engineering  or  a  related  field.  1 
year  of  experience  in  the  job 
offered  or  1  year  of  experience 
in  a  related  occupation  (software 
development).  Academic  back¬ 
ground  or  work  experience  to 
include:  1)  Microsoft  COM- 
based  multi-layer  architecture 
design  and  programming;  2) 
J2EE  multi-layer  architecture 
design  and  programming 
(HTML,  Java  and  EJB);  3) 
Object-oriented  programming 
(C++,  Java);  4)  Algorithm  design 
and  development  (text-mining 
algorithms  and  knowledge  man¬ 
agement  algorithms);  and  5) 
User  interface  design  and  devel¬ 
opment.  Mail  resume  Accelrys, 
Inc.,  Attn:  HR  Dept.,  9685 
Scranton  Rd.,  San  Diego,  CA 
92121.  Job  Ref  #16000-1 


Analyst/Project  Programmer 

The  Medical  College  of  Wisconsin  is 
seeking  Analyst/Project  Program¬ 
mers  for  its  Bioinformatics  Research 
Center.  The  Analyst/Project  Pro¬ 
grammer  is  responsible  for  working 
with  project  scientists  and  other  pro¬ 
ject  collaborators  to  design,  devel¬ 
op,  implement,  and  provide  mainte¬ 
nance  support  for  web  database 
applications  for  biological  and  med¬ 
ical  scientific  research.  Qualified 
candidates  for  this  position  must 
possess  a  Master's  degree  in  Bioin¬ 
formatics  or  a  related  field,  and  have 
background  working  with  GLEAMS- 
3.0;  TIGR  Microarray  Analysis  soft¬ 
ware  suite;  rational  software  tools 
and  UML;  XML,  XSL,  UDDI.  WSDI 
and  NLP  technologies.  Interested 
applicants  please  provide  a  resume 
and  a  cover  letter  with  salary 
requirements: 

Medical  College  of  Wisconsin 
Attn:  Employment  Office  -  JMC0728 
8701  Watertown  Plank  Rd. 
Milwaukee,  Wl  53226 
Fax:  414-456-6502 


DATABASE  ADMINISTRA¬ 
TOR.  Design,  code,  test, 
implement  &  manage  med 
school  admissions/activity/ 
marketing  data  base  based 
on  spec  mgt  system  using 
custom  Microsoft  access. 
Plan  system  wide  security 
measures.  8:30AM-5PM 
B.Sc.  in  Computer  Science  & 
1  yr  exp  as  programmer,  ana¬ 
lyst  or  consultant  in  field. 
Salary  comm  with  exp. 
Resume  to  MEIO,  901  Ponce 
De  Leon  Blvd,  #401,  Coral 
Gables,  FL  33134. 


Seeking  qualified  applicants  for 
the  position  of  Senior  Network/ 
Systems  Design  Engineer  to 
help  innovate  and  specify  new 
product  &  platform  architectures 
for  optical  networking  systems. 
Position  requires  a  Bachelor's 
Degree  in  Electrical  or  Elec¬ 
tronics  and  Communications 
Engineering  or  related  discipline 
and  6  years  of  relevant  experi¬ 
ence  in  network  systems  design, 
architecture  and  operations 
within  the  optical  networking 
industry.  Submit  resume  to: 
Director  of  Engineerng, 
Memphis  Networx,  LLC,  7620 
Appling  Center  Drive,  Memphis, 
TN  38133. 


Prog/Analysts  (Job40)  to  analyze, 
design  appls  using  C++,  Java, 
EJB,  JSP,  Jscript,  Servlets,  XML, 
HTML,  Weblogic  Server,  Oracle, 
under  Windows  /UNIX  OS;  per¬ 
form  unit,  functional,  integration, 
regression  &  systems  level  test¬ 
ing;  analyze  user  reqs,  prepare 
design  documents;  develop/en¬ 
hance  online  &  batch  programs; 
implement,  install,  test,  debug  & 
modify  new/existing  appls.  Re¬ 
quire:  BS  or  foreign  equiv.  in 
CS/Engg.  (any  branch)/Math  & 
2yrs  of  exp.  in  IT.  F/T  Resumes 
to:  Pricilla  Vickers,  Transplace, 
509  Enterprise  Drive,  Lowell,  AR 
72745,  Must  specify  on  cover  let¬ 
ter  applying  to  Job  40 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis,  TN: 
Senior  Proiecl  Analyst  Sales 

Serve  as  advisor  for  new  services, 
sales  and  compensation  systems 
projects.  Requirements:  Bachel¬ 
or's  degree*  or  equivalent  in  MIS, 
business  or  related  field  plus  5 
years  of  experience  in  planning  and 
analysis.  Expenence  in  developing 
database  quenes  for  performance 
trend  analysis  and  in  developing/ 
maintaining  vanable  compensation 
programs  also  required.  ’Master's 
degree  in  approphate  field  will  off¬ 
set  2  years  of  general  experience 
Submit  resumes  to  Sibi  George, 
FedEx  Corporate  Services.  1900 
Summit  Tower  Blvd  .  Suite  1400, 
Odando.  FL  32810  EOE  M/F/D/V 


Computer  Professionals: 
Infowave  Systems,  Inc,  an  IT 
consulting  firm  is  looking  for 
qualified  individuals  with  mini¬ 
mum  of  two  years  expenence  in 
software  design  and  develop¬ 
ment  to  work  at  vartous  client 
sites  throughout  US  Specifically 
we  have  the  following  openings: 
SAP  ERP  Engineers.  Oracle 
Data  Warehouse  Engineers. 
Oracle  Software  Engineers, 
Oracle  Database  Administrators, 
Microsoft  and  ERP  Engineers, 
Java  Engineers,  Systems  Anal¬ 
ysts,  and  MF  Data  Warehouse 
Engineers.  Send  resume  to: 
Infowave  Systems,  Attn  HRD. 
39  Central  Square,  Ste.  201A. 
Keene,  NH  03431. 


Computer  Programmer 
Analysts  needed.  See¬ 
king  qualified  candi¬ 
dates  possessing  MS/ 
BS  or  equiv.  and/or  rel¬ 
evant  work  exp.  Work 
with  3  of  the  following: 
Unix,  C++,  Java,  SQL. 
Send  resume  &  ref.  to 
ICSS,  Inc.,  Attn:  HR, 
1000  Morrison  Rd.,  #E, 
Gahanna,  OH  43230. 


Systems  Analysts  to  work  as 
consultants  at  client  sites  in 
the  U.S.  and  abroad.  Implmt. 
customize  &  upgrade  Oracle 
ERP  s/ware  pkgs.  Reqs: 
BA/BS  in  Comp  Sci,  Eng'g. 
Bus,  Logistics,  HR.  or  related 
field  +  2  yrs  exp  w/Oracle 
Apps  or  DB’s.  Send  resumes, 
refs  and  salary  req's  to  Attn: 
HR,  IT  Convergence,  150  E. 
Gilman  St.,  Suite  B2200, 
Madison,  Wl  53703  or 
resume@itconvergence.com. 


Seeking  qualified  applicants  for  the 
following  positions  in  Orlando,  FL: 
Senior  Programmer  Analyst-  Form- 
ulate/define  functional  require¬ 
ments  and  documentation  based 
on  accepted  user  criteria.  Re¬ 
quirements:  Bachelor's  degree  or 
equivalent  in  computer  science. 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in  sys¬ 
tems/applications  development 
Experience  with  C  and/or  C++:  and 
UNIX  also  required.  (Master's 
degree  in  appropriate  field  will  off¬ 
set  2  years  of  general  experience.) 
Submit  resumes  to  Sibi  George. 
FedEx  Corporate  Services.  1900 
Summit  Tower  Blvd..  Suite  1400, 
Orlando.  FL  32810.  EOE  M/F/D/V 


Systems  Analyst  -  (Philadelphia, 
PA)  Research,  design.  &  develop 
existing  computer  system  Analyze, 
design,  test.  &  implement  applica¬ 
tions  supporting  the  system  &  de¬ 
termine  feasibility  of  design  Con¬ 
sult  with  eng'g  staff  to  evaluate 
interface  between  hardware  &  soft¬ 
ware  &  operational/performance 
requirements  of  overall  system 
Investigate  &  correct  system 
problems  Req'd  Bach  Deg  in 
Comp  Science  or  Eng’g,  &  2yrs 
exp.  in  the  job  offered  or  as  a 
Analyst  or  Programmer  Must  have 
exp  w /  VB  4  0,  FoxPro.  &  Clipper 
Resume  to  Pinkerton  Computer 
Consultants.  140  Broadway. 
23rd  FI.  New  York.  NY  10005 
Attn  John  Wighton 


Computerworld  •  InfoWorld  •  Network  World  •  July  28,  2003 


NWOJ0/2SE/W/MW  3 


www.nwfusion.com 


7/28/03 


NetworkWorld 


NetworkWorld 


Editorial  Index 


AirDefense 

17 

AltiGen  r.nmmnniratinns 

_ 3a 

Air  tea 

25 

Avaya 

10 

■  B 

BMC  Software 

_ 21 

BriohimaiL  

21 

■  C 

Cisco 

1.  in  sa 

ConfioureSoft 

24 

■  D 

Deli 

_ 12 

Digex 

41 

Document  um 

35 

■  E 

EMC- 

_ 1 

Enterasvs  

39 

■  F 

F5  Networks 

12 

FiberLink 

25 

Fnnnriry  Networks  17 

■  G 

Groove  Networks 

35 

Advertiser  Index 


Advertiser 

Aren 


Pago  * _ 

41  www  arrnirip  rnm/n1 


iQiil 


Avnr.enl  f.nrp 


49  www  avnr.pnt  mm/arivantagp 


Buyiiplime.r.om 


45 


..-www.huyupt  imfi.com 


Cnvari  Communications 

Cyr.ladft.s  Cnrp 


2Q www.covad.com/tlchalienge 

42_www.r.yr-ladps.rnm/nw 


DEMOmohiie  2003 


38  www.idQpf.cnm/rifimnmQhilfi 


EMC  Corp 


lfi 


.www£MC.com 


Elmn  Software 


26 


www.elrnn.snftwarp.-r.nm/nnspam 


Global  Technology  Associates  45 


www.gta.com 


IBM.  Corp 


3Q-2.1 


www.ihm.rnm/shnp/m191 


IBM  Corp 


57  www  ihm  rnm/dh9/intpgratp 


Network  World  Fusion  -  www.nwfusion.com 

3COM  netVmg 

Adtran  Norwich  University 

Aiterpomt  NSI  Software 

Aspelle  OmniCluster  Technologies 

Avaya  OpenNet  works 


MovinCnnl 

47 

www  mnvinrfml  rom 

MCI  

29 

Cerp  9.  S  rem/»,,,vXce,-,,ertnm 

N».uu™-I,  Inc,  1  1  T  Xfi  a«  nol^V.nOr, , mania  rnm 

19 

48  

44 

SAP 

9 

48 

15 

11 

46.47 

Winternals  Software 

13 

www.wintprnal-sr.om 

28. 


HE 

8.  in.  12 

■  1 

IBM 

in.  12  18  58 

ICohere  . 

35 

■  K 

Kubi  Software 

36 

■  L 

1  AN  Desk 

24 

■  M 

MCI 

95 

Microsoft 

8.  in.  24.  56 

■  N 

Neoteris 

_ 25 

NetScaier 

12 

Novell 

8 

■  P 

Proof  mint _ 

_ 21 

■  R 

Rookliffe 

21 

■  S 

SCO  Group _ 

8^55 

Shavlik  Technologies 

24 

Sony 

28 

Sophos 

21 

Spectral  ink 

39 

Sprint 

25 

St.  Bernard  Software 

24 

Si  in 

12 

Symantec   .  .  .. 

 24 

■  T 

Toshiba _ 

OQ 

■  u 

1  litre Bac  Software 

17 

uRoam 

12 

■  V 

Veri/on 

25 

Vircnm 

21 

Vocera  Communications 

39 

Voltaire  17 

■  w 

Wheels  of  7eus 

ia 

Brocade 

Calendra 

CDW 

Cisco  Systems 
Compuware 

CoSine  Communications 
Critical  Path 
Crucial  Technology 
Dell 
EMC 

Expand  Networks 
Expertcity 
Extreme  Networks 
Fidelia 
Forescout 

Freshwater  Software 

Fujitsu 

Gateway 

Heroix 

IBM 

Intel 

Internet  Security  Systems 

Iomega 

Kentrox 

Managed  Service  Partners 

NEC 

Neoteris 

NetIO 

NetOoS 

Netscreen  Technologies 
NetSupport 


Palm,  Inc. 

Permeo 
Proactive  Net 
Qualcomm 
Quantum  NSU 
Quintum  Technologies 
Redline  Networks 
RouteScience 
RSA  Security 
SeeBeyond 
Seranoe  Networks 
Siemens 
Sonexis 

Sony  Electronics 
Sprint 

SSH  Communications  Security 

Stalker  Software 

Statscout  Pty  Ltd 

Telogy/Texas  Instruments 

Trusecure 

Tyco  Electronics 

Valencia  Systems 

Verisign 

VIEO,  Inc. 

Watchguard  Technologies 

Wavelink 

Websense 

Whale  Communications 
Winternals  Software 
World  Data  Products 
Xythos  Software 


These  indexes  are  provided  as  a  reader  service.  Although  every 
effort  has  been  made  to  make  them  as  complete  as  possible,  the 
publisher  does  not  assume  liability  for  errors  or  omissions. 


•Indicates  Regional  Demographic 


NetworkWorld 

■  SEMINARS  EVENTS 


Network  World  Seminars 
and  Events  are  one  and  two- 
day.  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  of  our  seminars  are 
also  available  for  customized  on-site  training.  For  complete 
and  immediate  information  on  our  current  seminar  offerings, 
call  a  seminar  representative  at  800-643-4668.  or  go  to 
www  nwfusion.com/seminars. 


Publicize  yeur  press  coverage  in  Network 
World  by  ordering  reprints  of  your  editorial 
mentions.  Reprints  make  great  marketing 
materials  and  are  available  in  quantities  of 
500  and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399-1900  x129 
or  E-mail:  mshober@repnntbuyer.com 


■  Network  World.  Inc. 

118Tumpike  Road,  Southborough,  MA  01772 
Phone:  (508)  460-3333 

TO  SEND  E-MAIL  TO  NWW  STAFF 

firstname_lastname@nww.com 

EvileeThibeault,  CEO/Publisher 

John  Gallant,  President/Editorial  Director 

Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE 

Mary  Fanning,  Vice  President  Finance 

Paul  Mercer,  Finance  Manager 

Betty  Amaro-White,  Event  Finance  Manager 

HUMAN  RESOURCES 

Elizabeth  Price,  Director  of  Human  Resources 
Eric  Cormier,  Human  Resources  Representative 

MARKETING 

TerryAnn  Croci,  Senior  Director  of  Marketing 
Barbara  Sullivan,  Senior  Research  Analyst 
Judy  Schultz,  Senior  Marketing  Designer 
Cindy  Panzera,  Graphic  Specialist 

GLOBAL  PRODUCT  SUPPORT  CENTER 

Nancy  Sarlan-Parquette,  Sr.  Product  Marketing  Manager 

PRODUCTION  SERVICES 

Greg  Morgan,  Senior  Director,  Production  Services 
Karen  Wallace,  Senior  Director,  Advertising  Operations 
Mike  Guerin,  Senior  Production  Specialist 
JamiThompson, Traffic  Coordinator 
VeronicaTrotto,  Advertising  Coordinator 
Maro  Eremyan,  Advertising  Coordinator 
CIRCULATION 

Richard  Priante,  Senior  Director  of  Circulation 
Bobbie  Cruse,  Subscriptions  Manager 
Mary  Mclntire,  Circulation  Marketing  Manager 

RESEARCH 

Ann  MacKay,  Research  Director 

DISTRIBUTION 

Bob  Wescott,  Distribution  Manager/(508)  879-0700 

IDG  LIST  RENTAL  SERVICES 

Paul  Capone,  Account  Executive 

P.O.  Box  9151,  Framingham,  MA  01701-9151 

(800)  343-6474/(508)  370-0825,  FAX:(508)  370-0020 

SEMINARS,  EVENTS  AND  IDG  EXECUTIVE  FORUMS 

Robin  Azar,  Vice  President  of  Events 

Michele  Zarella,  Director  of  Operations 

Dale  Fisher,  Event  Planner 

Kristen  Kennedy,  Event  Coordinator 

Sandra  Gittlen,  Events  Editor 

Neal  Silverman,  Senior  Director  of  Event  Sales 

Andrea  D'Amato,  Sales  Director/Strategic  Partnerships 

Kristin  Ballou-Cianci,  Senior  Event  Sales  Manager 

Sandy  Weill,  Event  Sales  Manager 

Maureen  Riley,  Event  Sales  Manager 

Judy  Tyler,  Sales  Operations  Specialist 

Karyn  Williams,  Managing  Dir.  of  Conference  Development 

Mark  Hollister,  Senior  Director  of  Event  Marketing 

Debra  Becker,  Dir.,  Marketing  &  Audience  Development 

Sara  Evangelous,  Marketing  Manager 

Timothy  Johnson,  Marketing  Specialist 

Tim  DeMeo,  Senior  Operations  Specialist 

ONLINE  SERVICES 

Alonna  Doucette,  Vice  President,  Online  Development 

Hillary  Freeley,  Director,  Online  Operations 

Adam  Gaffin,  Executive  Editor,  Online 

Melissa  Shaw,  Managing  Editor,  Online 

Jason  Meserve,  Multimedia  Editor 

Sheryl  Hodge,  Online  Copy  Chief 

CUSTOMER  ACCESS  GROUP 

W.  Michael  Draper,  V.P.  of  Technology  &  Business  Operations 

Sharon  Stearns,  Mgr.  Customer  Access  Operations 

Cara  Peters,  Project  Support  Specialist 

Deborah  Vozikis,  Design  Manager  Online 

INFORMATION  SYSTEMS/BUSINESS  SERVICES 

W.  Michael  Draper,  V.P.  of  Technology  &  Business  Operations 

Anne  Nickinello,  Senior  Systems  Analyst 

Tom  Kroon,  Senior  Software  Engineer/Architect 

William  Zhang,  Senior  Software  Engineer 

Rocco  Bortone,  Senior  Network  Manager 

Peter  Hebenstreit,  Senior  Network/Telecom  Engineer 

Kevin  O'Keefe,  Systems  Support  Manager 

Brian  Wood,  Senior  Systems  Support  Specialist 

Puneet  Narang,  Manager  of  Database  Technologies 

Frank  Coelho,  Senior  Manager,  Business  Services 

LisaThompson,  Business  Services  Administrator 

Mark  Anderson,  Business  Services  Supervisor 


Sales  Offices 


Carol  Lasker,  Associate  Publisher/Vice  President 
Jane  Weissman,  Sales  Operations  Coordinator 
Internet:  clasker,  jweissman@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 

New  York/New  Jersey 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco,  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  tdavis,  elisas,  ajoseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 

Northeast 

Donna  Pomponi,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dpomponi,  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 

Mid-Atlantic 

Jacqui  DiBianca,  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet:  jdibian,  mhagan@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 

Midwest/Central 

Eric  Danetz,  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  edanetz,  ajoseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 

Northern  California/Northwest 

1  Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Karen  Wilde,  Regional  Sales  Manager 
Miles  Dennison,  Regional  Sales  Manager 
Maricar  Lagura,  Office  Manager/Sales  Assistant 
Teri  Lowe,  Sales  Assistant 
Internet:  skupiec,  kwilde,  mdennison,  mlagura, 
tlowe@nww.com 

(510)  768-2800/FAX:  (510)  768-2801 

Southwest/Rockies 

Becky  Bogart  Randell,  Senior  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  brandell,  anorton@nww.com 
J949)  250-3006/ FAX:  (949) JJ33-2857 

Southeast 

Don  Seay,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dseay,  chorgan@nww.com 
(404)  845-2886/FAX:  (404)  250-1646 

Customer  Access  Group 

1  Tom  Davis,  Assoc.  Publisher  Eastern  Region/General 
Manager,  Customer  Access  Group 
Shaun  Budka,  Director,  Customer  Access  Group 
Kate  Zinn,  Sales  Manager,  Eastern  Region 
Caitlin  Horgan,  Sales  Assistant 
Internet:  tdavis,  sbudka,  kzinn,  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 _ 


A 


Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  Online  Services 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Douglas,  Online  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kdouglas@nww.com 
(610)  341-6025/FAX:  (610)  971-0557 


MARKETPLACE 

Response  Card  Decks/MarketPlace 

Richard  Black,  Director  of  Marketplace 
Karima  Zannotti,  Senior  Account  Manager 
Enku  Gubaie,  Senior  Account  Manager 
Amie  Gaston,  Account  Manager 
Chris  Gibney,  Sales  Operations  Coordinator 
Internet:  rblack,  kzannott,  egubaie,  agaston, 
cgibney@nww.com 
(508)  460-3333/FAX:  (508)  460-1192 

IT  CAREERS 

Vice  President,  Nancy  Percival,  East  Regional  Manager, 
Deanne  Holzer,  Midwest/West  Regional  Manager,  Laura 
Wilkinson,  Sales/Marketing  Associate,  Joanna  Schumann 
(800)  762-2977/FAX:  (508)  875-6310 


■  IDG 

Patrick  J.  McGovern,  Chairman  of  the  Board 
Pat  Xenealy.  CEO 

Network  World  is  a  publication  of  IDG.  the  world's  largest 
publisher  of  computer-related  information  and  the  leading 
global  provider  of  information  services  on  information  tech¬ 
nology,  IDG  publishes  over  275  computer  publications  in  75 
countries.  Ninety  million  people  read  one  or  more  IDG  publi 
cations  each  month.  Network  World  contributes  to  the  IDG 
News  Service,  offering  the  latest  on  domestic  and  interna¬ 
tional  computer  news. 


X  X 


7/28/03 


News 


www.nwfusion.com 


DNS 

continued  from  page  1 

While  RFID  and  Enum  still  face 
privacy  and  political  issues 
before  mass  implementation, 
DNS  is  helping  prove  these  tech¬ 
nologies  are  solid.  Along  with 
intranets,  RFID  and  Enum  are 
fueling  the  growth  of  DNS,  with 
DNS  entries  expected  to  double 
in  number  every  year  for  the  next 
five  years. 

DNS  has  been  humming  along 
since  June  1983,  matching  Inter¬ 
net  names  to  IP  addresses  and 
helping  deliver  e-mail  and  Web 
pages.  The  largest  and  most  suc¬ 
cessful  globally  distributed  data¬ 
base,  with  1  billion  entries,  the  20- 
year-old  lookup  service  need  not 
be  reinvented  to  be  an  integral 
part  in  the  new  crop  of  potentially 
revolutionary  technology  ad¬ 
vances. 

“In  a  sense,  we  have  moved  up 
one  level  in  the  kind  of  problems 
that  people  are  thinking  of 
attacking  with  DNS.  It’s  not  just 
keeping  track  of  hosts  now.  It’s 
now  higher-level  services,”  says 
Paul  Mockapetris,  who  created 
DNS  at  the  University  of  Southern 
California  and  is  now  the  chief 
scientist  and  chairman  of  Nomi- 
num,  which  develops  IP  address 
management  software.  Mocka¬ 
petris  says  DNS  also  one  day 
could  help  simplify  PK1  security. 

The  new  capabilities  debunk 
what  Mockapetris  says  is  one  of 
the  biggest  myths  about  DNS  — 
that  it  has  peaked. 

“DNS  has  turned  into  a  build¬ 
ing  block  underneath  a  number 
of  these  other  naming  systems,” 
he  says. 

In  1 999,  researchers  at  the  Auto- 
1D  Center  at  the  Massachusetts 
Institute  of  Technology  theorized 
that  they  could  make  RFID  tags 


less  expensive  by  offloading 
some  data  stored  on  the  tags  to 
the  network,  therefore  reducing 
data  storage  and  silicon  needs. 
“But  the  question  was,  how  do 

Convergence 


you  connect  the  unique  number 
associated  with  the  RFID  tag  to 
the  data?”  says  Sanjay  Sarma,  as¬ 
sociate  professor  of  mechanical 
engineering  at  MIT  and  chair¬ 
man  of  the  Auto-1  D  Center.  The 
center  is  a  non-profit  partnership 
between  100  global  companies, 
MIT,  the  University  of  Cambridge 
in  England,  the  University  of 
Adelaide  in  Australia,  Keio  Uni¬ 
versity  in  Japan  and  the  Univer¬ 
sity  of  St.  Gallen  in  Switzerland. 
The  center  is  working  on  creat¬ 
ing  the  standards  and  assem¬ 
bling  the  building  blocks  needed 
to  create  an  “Internet  of  things.” 

To  make  the  connection  be¬ 
tween  the  RFID  tag  and  the  net¬ 
work-stored  data,  the  center  devel¬ 
oped  the  Object  Naming  Service 
(ONS),  which  is  built  on  top  of 
DNS.  ONS  converts  an  electronic 
product  code  into  a  domain 
name  that  can  be  looked  up  on  a 
local  DNS  cache  or  a  DNS  server 
on  the  Internet. Once  the  DNS  pin¬ 
points  where  the  product  data  is 
stored,  it  can  be  downloaded. 

“DNS  is  so  beautifully  designed 


and  so  simple  that  it  took  very  lit¬ 
tle  work  to  seamlessly  incorpo¬ 
rate  it,”  Sarma  says.  DNS  also 
addressed  the  problem  of  scala¬ 
bility.  “We  realized  that  DNS  has 


caching  and  time-to-live  records 
and  that  many  lookups  would 
happen  in  a  local  cache  and 
never  go  out  to  the  Internet.” 

It’s  that  same  scalability  that  led 
IETF  to  latch  onto  DNS  for  Enum. 
The  pending  standard  will  make 
it  possible  to  convert  telephone 
numbers  into  Internet  addresses. 
This  means  a  caller  knowing  only 
a  telephone  number  can  use  a 
range  of  Internet  services  —  such 
as  voice,  e-mail  and  conferencing 
—  to  reach  another  user. 

“The  unique  thing  about  DNS  is 
that  it  is  a  public  database,  it’s  not 
a  telecom  database  that  is  owned 
by  a  carrier  and  that  you  need 
approval  and  payments  for  ac¬ 
cess,”  says  Kevin  McCandless, 
senior  manager  for  engineering 
and  construction  at  VeriSign.  Mc¬ 
Candless  is  the  author  of  several 
documents  before  the  IETF’s 
Enum  working  group  and  Veri- 
Sign’s  representative  at  the  Enum 
Forum,  a  collection  of  firms  de¬ 
veloping  Enum-based  products. 

With  DNS  as  its  location  ser¬ 
vice,  Enum  eventually  could  lead 


a  telecom  revolution  using 
phone  numbers  based  on 
International  Telecommunica¬ 
tion  Union  E.164  format. 

“This  is  all  a  huge  threat  to  the 


ILECs,”  says  Dave  Passmore,  an 
analyst  with  Burton  Group.  “The 
cable  companies  are  starting  to 
offer  phone  service  and  it  is 
clear  they  will  use  SIP-based  IP 
telephon/ 

DNS  creator  Mockapetris  looks 
at  Enum  and  RFID  and  sees  the 
next  level  of  intelligence  for  DNS. 
Mockapetris  says  he  thinks  DNS 
could  provide  a  foundation  for  a 
PK1  system  that  could  help  fight 
Internet-based  identity  theft. 

“You  could  use  the  DNS  as  a 
transport,  as  a  way  to  carry  PK1 
information  around,”  he  says.“You 
know  if  you  could  do  that,  DNS  is 
a  protocol  that  every  Internet 
device  could  speak.  Of  course, 
there  is  a  lot  of  stuff  you  would 
have  to  add  to  make  it  work.” 

Other  concerns  remain. 

Improperly  configured  DNS 
servers  at  corporations  continue 
to  present  vulnerabilities.  A 
downed  corporate  DNS  server 
today  means  a  company  disap¬ 
pears  from  the  Internet,  but  in  the 


future  it  also  could  knock  out 
phone  service  or  other  modes  of 
real-time  communication. 

Today,  nearly  70%  of  corporate 
DNS  servers  have  configuration 
problems,  a  figure  that  has 
remained  steady  over  the  years, 
according  to  Men  &  Mice,  a  DNS 
software  and  consulting  firm. 

And  the  addition  of  new  data 
types, such  as  those  for  Enum  and 
RFID,  will  pose  management 
problems  for  companies.  Mocka¬ 
petris  says  a  new  generation  of 
tools  will  be  needed  to  mask  the 
complexity  “Originally  we  built 
DNS  so  it  was  very  simple  to  con¬ 
figure,  but  everybody  was  a  com¬ 
puter  scientist,”  he  says.  “We  need 
more  automatic  tools  to  monitor 
the  health  and  deal  with  the  prob¬ 
lems.” 

Another  welcomed  advance¬ 
ment  will  be  widespread  adop¬ 
tion  of  DNS  Security  Extensions, 
which  could  provide  security 
features  for  authenticity  and 
integrity.The  protocols  have  been 
under  development  since  1996, 
but  suffer  from  technical  and 
political  issues,  such  as  establish¬ 
ing  trust  relationships. 

“The  new  challenge  is  to  see 
whether  we  can  continue  to  use 
DNS  for  whatever  we  like,  to  con¬ 
tinue  to  add  stuff  on  top  of  it,” 
Mockapetris  says.“We  don’t  want 
DNS  to  be  a  scarce  resource.  We 
want  domain  names  and  the 
ability  to  do  these  lookups  as  a 
tool  that  people  building  Internet 
applications  can  use  and  it  will 
just  be  there.  It  is  not  going  to  run 
out.  It’s  like  clean  air  and  water: 
You  want  clean  names  so  to 
speak,  and  clean  data,  it’s  what 
applications' need  to  live  on.’’B 
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One  of  the  promises  of  Enum  is  the  convergence  of  traditional  PSTN  networks  and  IP  networks, 
which  would  let  phones  on  circuit-based  networks  call  devices  on  IP-based  networks. 
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But  there  is  also  the  headache 
of  managing  multiple  low-end 
boxes, says  Jason  Robohm, direc¬ 
tor  of  technical  services  at 
Crossmark  Holdings  in  Plano, 
Texas. 

Most  applications  aren’t  opti¬ 
mized  to  run  in  distributed  envi¬ 
ronments  and  so  users  aren’t  get¬ 
ting  a  true  shared  resource  clus¬ 
ter,  says  Robohm,  who  runs  appli¬ 
cations  such  as  Lawson, 
F.  change  and  SQL  on  eight-way 
ProLiant  servers. 

“LVople  are  able  to  get  good 
performance  at  a  reasonably 
good  price  in  a  clustered  four¬ 


way  environment,  but  they’re  not 
taking  advantage  of  the  total 
eight  processors  because  it’s  four 
for  one  [instance]  of  the  data¬ 
base  and  four  for  another 
[instance],”  he  says.“If  you  need 
enterprise  level,  mission-critical, 
big-transactions-per-second  pro¬ 
cessing,  eight-way  is  the  only  way 
to  go.” 

Robohm  says  it’s  interesting  to 
see  Dell  scrap  an  Intel  platform, 
but  says  the  eight-way  market 
requires  more  engineering  and 
customization  than  the  one-way 
and  two-way  markets  that  Dell 
commoditized.  For  example,  HP 
stepped  up  its  eight-way  systems 
earlier  this  year  with  a  new  F8 
chipset  and  a  hot-pluggable 


RAID  memory  feature. 

IBM’s  Enterprise  X-Architecture 
lets  its  eight-way  systems  scale 
up  to  16  Xeon  MP  processors. 
Later  this  year,  it  will  be  able  to 
support  up  to  32  processors,  the 
company  says. 

“That’s  something  that  Dell 
doesn’t  have  access  to,”  Robohm 
says.  “So  if  they  kept  down  the 
road  of  eight-way  servers  they 
would  always  be  second  fiddle.” 

Insight  64 ’s  Brookwood  agrees. 

“Customers  who  are  looking 
for  eight-way  or  above  don’t  feel 
comfortable  buying  it  from  a 
company  like  Dell,”  he  says.  “It’s 
not  that  they  wouldn’t  buy  it  at 
all.  It’s  just  that  they  wouldn’t  buy 
it  from  Dell.’  ■ 
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“This  bug  definitely  has  the 
potential  to  be  a  significant 
threat  to  businesses,"  says  Pat 
Donahue,  a  network  administra¬ 
tor  with  ACMI,  a  maker  of  med¬ 
ical  equipment  that  has  offices 
across  the  country. 

Donahue  says  the  ubiquity  of 
IOS  and  the  ease  with  which  the 
bug  could  be  exploited  prompted 
him  to  act  quickly.  He  down¬ 
loaded  the  patch  from  Cisco  and 
had  all  his  equipment  upgraded 
within  days. 

“1  felt  much  safer  knowing  that 
the  software  running  the  router 
itself  is  not  vulnerable,  rather  than 
relying  on  access  lists  that  may  or 
may  not  work  or  could  be  modi¬ 
fied  or  removed  at  some  later 
date,”  he  says. 

Other  companies  reported  tak¬ 
ing  immediate  action. 

“For  SBC,  it  was  a  total  of  about 
600  pieces  of  equipment  that 
were  affected,”  said  an  SBC 
spokesman.  "We  immediately 
started  rolling  out  that  patch.” 

The  upgrades  were  done  on  a 
rolling  basis  so  no  service  was 


interrupted,  and  all  equipment 
was  patched  as  of  July  18. 

Others  were  taking  a  more  mea¬ 
sured  approach. 

“We’re  looking  at  it,”  says  Dick 
Emford,  lead  network  analyst 
for  plastics  manufacturer  New- 
ell-Rubbermaid,  about  the  IOS 
vulnerability.“But  we  haven’t  yet 
assessed  how  bad  it  might  be 
for  us.” 

Rubbermaid’s  network  links 
many  manufacturing  sites  in  the 
U.S.  over  a  WAN,  but  few  Cisco 
nodes  face  public  or  unprotected 
Internet  connections  so  it  is  not 
an  urgent  concern,  Emford  says. 

“We’re  monitoring  this  vulnera¬ 
bility  .  .  .  but  we’re  not  too  con¬ 
cerned  about  it,”  says  Phil  Go,  CIO 
at  Barton  Malow.  The  Chicago 
construction  company  uses 
Cisco  routers  to  link  three  offices 
across  the  country  with  IP  voice 
and  data.  Go  is  confident  be¬ 
cause  his  firm  uses  access  con¬ 
trol  lists  to  keep  traffic  on  those 
routers  limited  to  internal  corpo¬ 
rate  voice  and  data  packets,  and 
few  ports  face  the  Internet. 

Hesitancy  in  upgrading  routers 
is  common,  says  one  veteran 
industry  watcher. 


“Lots  of  companies,  when  they 
buy  routers,  don’t  want  to 
upgrade  them  [later],” says  Frank 
Dzubeck,  president  of  consul¬ 
tancy  Communications  Network 
Architects.“They  think  they’re  buy¬ 
ing  an  appliance,  not  a  software 
product. . .  .And  if  they  get  three  or 
four  [IOS  revisions]  behind, 
there’s  much  trepidation  when 
the  time  comes  to  apply  a  major 
patch  like  this.” 

Smaller  shops,  in  particular, 
might  be  slow  to  apply  patches,  or 
are  taking  extra  time  to  determine 
if  gear  is  at  risk,  experts  say. This  is 
because  upgrading  IOS  on  older 
routers  that  have  been  chugging 
along  for  long  periods  of  time 
without  maintenance  can  be  a 
tricky  proposition. 

“It  [is]  more  difficult  for  organi¬ 
zations  that  don’t  have  an  engi¬ 
neer  on  staff” to  upgrade  an  affect¬ 
ed  IOS  device,  says  Toby  Velte, 
CTO  of  software  company  Solv 
Technology,  and  author  of  the 
book  Cisco: A  Beginners  Guide. 

The  upgrade  process  involves 
downloading  the  patch,  applying 
it  to  an  IOS  version,  sending  the 
image  to  a  router,  then  restarting 
the  device  “which  kills  all  open 
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connections,”  he  says.  This  proce¬ 
dure  could  be  trouble  for  organi¬ 
zations  that  cannot  avoid  router 
downtime,  or  those  that  have  lots 
of  routers  but  few  IT  staff  mem¬ 
bers  proficient  in  IOS. 

“If  you  get  the  wrong  IOS  on  the 
device  or  screw  something  else 
up  along  the  way  the  device  will 
be  down  until  you  get  it  right,” 
Velte  adds. 

Becoming  proficient  in  IOS 
can  take  hours  of  reading, 
coursework  and  certification, 
and  years  of  experience.  IOS  is 
an  intricate  operating  system 
that  can  support  many  things 
besides  routing  packets  —  such 
as  security, VoIRWi-Fi  and  quality 
of  service. 


Dzubeck  says  that  a  decade  of 
evolution  and  consistent  re-craft¬ 
ing  of  IOS  might  lead  to  the  code 
becoming  prone  to  failures. 

“IOS  is  really  an  amalgamation 
of  a  number  of  things,”  Dzubeck 
says,  adding  that  as  the  code  gets 
on  in  years  more  vulnerabilities 
could  pop  up. 

But  Velte  disagrees  that  “feature 
bloat”  is  to  blame. 

“While  the  code  is  getting  larger 
by  including  more  features,  the 
hardware  capabilities  have  more 
than  kept  up,”  Velte  says.  “When 
some  software  trees  get  older, 
such  as  Unix,  they  get  more  hard¬ 
ened  and  reliable.  A  recent  copy 
of  IOS  is  greatly  improved  over  a 
five-year-old  version.The  presently 
discovered  vulnerability  could 
have  been  in  IOS  for  years.  So  it 
wasn’t  IOS  bloat  that  caused  the 
problem  to  appear.  It  was  the  level 
of  sophistication  of  those  that 
probe  for  such  vulnerabilities.” 

Jim  Duffy,  managing  editor  of 
Network  World's  The  Edge,  con¬ 
tributed  to  this  story. 
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Most  important  is  the  introduc¬ 
tion  of  an  asynchronous  version 
of  EMC’s  data  replication  software 
used  by  businesses  to  transfer 
data  between  geographically  sep¬ 
arated  locations  for  disaster- 
recovery  purposes.  Called  the 
Symmetrix  Remote  Data  Facility 
(SRDF),  the  new  asynchronous 
mode  lets  data  be  replicated 
using  IP  over  any  distance.  EMC’s 
previous  synchronous  mode  was 
limited  to  62  miles  without  the 
addition  of  a  channel  extension 
box  from  CNT  or  Nortel. 

“Asynchronous  replication  per¬ 
mits  geographical  data  distribu¬ 
tion  and  backup,  and  assists  in 
controlling  the  cost  of  the  tele¬ 
communications  infrastructure, 
which  gives  people  more  reason 
to  replicate  more  data” says  Brian 
Babineau,  an  analyst  with  Enter¬ 
prise  Storage  Group.  “Large  finan¬ 
cial  services  companies  need  to 
recover  from  disasters  outside 
their  geographic  region.  If  there  is 
a  major  incident  in  the  New  York 
region,  they  can  recover  data 
from  offices  in  Chicago  that 
would  not  be  affected  by  the 
regional  disaster^ 

Users  and  vendors  are  becom¬ 
ing  interested  in  replication. 
Earlier  this  month.  Sprint,  Cisco 
and  Hitachi  Data  Systems  demon¬ 


strated  replication  using  the  Fiber 
Channel  over  IP  (FCIP)  protocol 
over  a  distance  of  1,800  miles. 
CNT  also  showed  off  long-dis¬ 
tance  replication  over  7,580  miles 
using  FCIP  between  the  U.S.  and 
Europe.  In  2001,  Nishan  Systems, 
IBM,  Intel,  Dell,  QLogic  and  Qwest 
demonstrated  replication  via  the 
Internet  Fibre  Channel  Protocol 
of  more  than  3,100  miles. 

At  least  one  analyst  sees  EMC’s 
replication  capability  as  a  matter 
of  survival  in  the  growing  replica¬ 
tion  market. 

“If  EMC  did  not  start  to  hustle  in 
delivering  inexpensive  replication 
solutions,  everyone  was  going  to 
move  away  and  do  applications 
either  from  the  network  or  some 
gadget  in  the  middle  of  the  fab¬ 
ric,”  says  Arun  Taneja,  senior  ana¬ 
lyst  with  Taneja  Group.  “This  is  a 
survival  move  for  EMC.  If  they 
don’t  do  it,  they  are  going  to  hurt.” 

Replication  software  experi¬ 
enced  the  largest  growth  in  the 
storage  software  industry  in  the 
first  quarter  of  this  year, according 
to  IDC,  accounting  for  $263  mil¬ 
lion  of  the  $1.42  billion  market. 

EMC’s  asynchronous  SRDF  also 
will  use  a  native  Ethernet  adapter, 
thus  eliminating  the  need  for 
installing  and  managing  a  sepa¬ 
rate  CNT,  Cisco  or  Nortel  router. 

"The  primary  benefit  obviously 
is  having  one  less  box  to  purchase 
and  manage,  so  you  would  hope 


Storage  software 
sees  growth  spurt 

Replication  software 
experienced  the  largest 
growth  in  the  storage 
software  industry  in  the 
first  quarter  of  this  year, 
says  IDC.  It  accounted  for 

$263 

million  of  the  $1.42 
billion  market. 


there  is  some  kind  of  cost  benefit 
if  the  functionality  is  built  into  a 
card  or  blade  within  the  box” says 
John  McKnight,  an  analyst  with 
Enterprise  Storage  Group.  “Then 
there  are  management  and  oper¬ 
ational  efficiencies  from  not  hav¬ 
ing  to  discover  and  manage  an 
entirely  new  device.  The  manage¬ 
ment  functionality  would  likely 
be  an  extension  of  storage  soft¬ 
ware  the  administrator  is  familiar 
with.” 

The  benefit  of  an  integrated 
card  for  replication  is  not  lost  on 
one  user. 

“It  removes  the  need  to  get  a 
network-to-SAN  bridge,  since  it  is 
already  providing  one  within  the 
box,”  says  Kent  Smith,  principal 


consultant  for  IPSO,  a  business 
systems  integrator  in  Wayland, 
Mass.  “The  fewer  pieces  I  need  to 
buy,  the  happier  I  am  for  two  rea¬ 
sons  —  fewer  pieces  equal  lower 
cost  and  fewer  vendors  equal  [a 
box  that  is]  easier  to  support.” 

The  company  also  will  intro¬ 
duce  a  new  configuration  of  its 
existing  DMX800  modular  storage 
system  that  has  half  the  capacity 
of  the  existing  DMX800.  It  also  will 
roll  out  a  new  DMX3000  array 
which  has  twice  the  capacity  of 
the  company’s  largest  array,  the 
146G-byte  DMX2000. 

The  entry-level  DMX800  has 
from  eight  to  60  73G-  or  146G-byte 
drives  for  a  total  minimum  capac¬ 
ity  of  292G  bytes.  The  DMX3000 
has  a  maximum  capacity  of  84 
terabytes  and  like  the  DMX800 
uses  10,000-  or  15,000-rpm  73G-  or 
146G-byte  drives. 

Gartner  expects  the  midrange 
market  to  grow  faster  than  high- 
end  storage.  It  says  midrange  stor¬ 
age  will  increase  from  $5.9  billion 
in  2001  to  $9  billion  in  2006.  By 
contrast,  Gartner  expects  high- 
end  storage  to  increase  from  $7.4 
billion  in  2001  to  $8  billion  in 
2006.  While  EMC  dominates  the 
high-end  market  with  a  41.5% 
market  share,  it  has  only  5%  mar¬ 
ket  share  in  midrange  storage. 

EMC’s  DMX  arrays  are  also 
among  the  first  from  major  sys¬ 
tems  vendors  to  offer  native  iSCSI 


support,  enabling  the  transport  of 
Fibre  Channel  storage  data  over 
the  Gigabit  Ethernet  network.  In 
May  Network  Appliance  jump- 
started  the  iSCSI  market  by  rolling 
out  FAS900  and  F800  file  servers 
that  support  the  iSCSI  protocol. 

Further,  the  company  has  added 
FICON  capability,  which  lets 
administrators  join  SANs  to  main¬ 
frame  computers  and  get  many 
times  greater  performance  than 
with  previous  Enterprise  Systems 
Connection  (ESCON)  enabled 
storage  arrays. 

Industry  analysts  praised  EMC 
for  adopting  features  they  say  are 
a  must  for  any  storage  array. 

“Large  z/OS  or  MVS  customers 
like  insurance  companies,  banks 
and  financial  institutions,  have 
already  migrated  from  ESCON  to 
FICON  because  FICON  is  faster” 
says  Diane  McAdam,  senior  ana¬ 
lyst  with  Data  Mobility  Group. 
“Because  the  DMX  couldn’t  talk 
FICON,  those  customers  had  to 
use  older  EMC  equipment.” 

ESCON  had  a  17M-byte/sec 
maximum  burst  rate,  and  FICON’s 
is  100M  byte/sec. 

Further,  EMC  will  announce  the 
ability  of  the  DMX  arrays  to  con¬ 
nect  to  IBM  iSeries  (AS/4  .’0) 
servers.  ■ 
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H  Mark  Gibbs 

The  jackals  of  IT 


ou  must  have  seen  those  docu¬ 
mentaries  about  the  African 
—  savanna  where  something  like 
a  water  buffalo  is  hounded  by  jack- 
als  until  it  either  drives  them  off  or, 
exhausted,  is  overwhelmed  and 
killed.  Well,  in  the  civilized  world  of 
IT  you  don’t  expect  to  see  the  jack¬ 
als  show  themselves  quite  so  openly. That  was  until 
The  SCO  Group  started  hounding  IBM  and  the 
Linux  world. 

On  the  face  of  it,  SCO’s  contention  that  IBM 
gave  away  code  that  belonged  to  SCO  and  con¬ 
sequently  owes  SCO  $1  billion  looks  —  as  so 
many  have  pointed  out  —  like  a  cheap  ploy  to 
get  itself  bought  rather  than  continue  to  struggle 
to  make  a  profit. 

SCO  went  on  to  declare  that,  because  IBM  con¬ 
tributed  code  to  Linux  that  contains  SCO  Unix 
intellectual  property,  commercial  Linux  customers 
could  be  legally  liable  for  using  the  code.  Of  course 
SCO  has  yet  to  show  the  code  in  question  so  what 
we  have  here  is  a  web  of  assertions,  implications, 
bombast  and  threats. 

Then  SCO  announced  that  Microsoft  had  licensed 
SCO’s  Unix  code  and  soon  thereafter  Sun  signed  up. 
Why?  Because  getting  a  place  in  the  pack  of  jackals 
gives  them  both  a  role  in  trying  to  bring  down  Linux 


in  particular  and  open  source  in  general. 

It  gets  better:  Just  last  week  SCO  announced  the 
company  “is  prepared  to  offer  a  license  for  SCO’s 
UnixWare  7.1.3  product  for  use  in  conjunction  with 
any  Linux  product,”  which  means  it  is  ready  to  start 
threatening  large  Linux  users. You  have  to  wonder 
at  the  sheer  chutzpah  of  these  guys. 

1  say  chutzpah  because  even  if  SCO  is  right  and 
IBM  has  given  the  open  source  world  a  hairy  prob¬ 
lem  to  deal  with,  for  SCO  to  go  after  a  huge  group 
of  users  in  a  way  that  guarantees  SCO  will  become 
public  enemy  No.  1  is  beyond  stupid. 

Until  SCO  reveals  all  the  code  that  it  says  proves 
intellectual  property  infringement  we  will  have  to 
wait  and  watch  the  slow  dance  of  lawyers  jockeying 
for  position.  In  the  meantime,  the  damage  to  open 
source  and  Linux  is  being  done,  slowly  but  surely 

This  is  a  really  important  issue. The  future  of  both 
open  source  and  Linux  is  not  something  for  a  sin¬ 
gle  vendor  to  control  or  manage.  Linux  is  arguably 
the  biggest  leveling  of  the  computing  playing  field 
we’ve  ever  seen. 

There  are  two  simple  solutions:  One,  if  SCO  can  be 
bought  out  then  IBM  should  do  so  whether  or  not 
SCO  has  a  case.The  business  opportunity  offered  by 
its  acquisition  can’t  be  that  bad  and  to  IBM  the  cost 
would  be  like  a  rounding  error  in  the  coffee  fund. 

And  how  about  if  IBM  got  all  of  the  other  Linux 


vendors  to  chip  in  —  a  few  million  here,  a  few  mil¬ 
lion  there  and  soon  we’ll  be  talking  real  money.  At 
the  end  of  the  exercise  the  group  would  own  the 
intellectual  property  and  it  could  finally,  once  and 
for  all.be  placed  under  the  General  Public  License. 

The  other  solution  would  be  for  every  interested 
party  to  fight  SCO.  Everyone  would  need  to  adopt  a 
“we’ll  fight  to  the  bitter  end”  position,  and  then  let’s 
see  how  long  SCO’s  money  lasts.  On  the  other 
hand,  the  entire  case  —  which  from  what  I’ve  read 
cannot  ultimately  be  won  by  SCO  —  is  unlikely  to 
cost  more  than  buying  out  the  wretched  company, 
so  the  first  solution  would  be  the  least  messy. 

This  isn’t  an  issue  concerning  everyday  commer¬ 
cial  rights.The  wrong  outcome  —  SCO  prevailing 
and  holding  everyone  that  uses  Linux  commercially 
hostage  —  would  not  only  destroy  arguably  the 
most  profound  and  important  computing  direction 
since  the  appearance  of  the  IBM  PC,  it  also  would 
give  Microsoft  a  huge  advantage  in  securing  the 
future  of  its  proprietary  technologies. 

Think  Microsoft  has  a  monopoly  now?  Just  imag¬ 
ine  how  strong  it  would  become  without  the  threat 
of  Linux!  If  the  jackals  win  we’ll  be  stuck  in  the  pro¬ 
prietary  Dark  Ages  rather  than  transitioning  to  the 
Age  of  Open  Source  Enlightenment. 

Your  theories  to  backspin@gibbs.com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

Mistaken  identity-theft  figures 

Something  is  wrong  here. 

Gartner  last  week  reported  that  3.4% 
of  2,445  U.S.  adults  surveyed  by  mail  claimed  to  have  been  the  victim  of  identity 
theft  within  the  past  12  months. 

Identity  theft  is  among  the  most  frightening  of  non-violent  crimes,  not  only 
because  of  the  financial  toll  it  exacts  but  also  the  endless  hurdles  victims  must 
clear  to  restore  their  good  names.The  crime  predates  the  Internet  and  need 
not  involve  computers,  of  course,  but  stands  today  as  perhaps  the  most  power¬ 
ful  drag  on  the  growth  of  e-commerce. 

If  the  Gartner  survey  accurately  reflects  the  prevalence  of  this  crime,  it 
means  some  7  million  Americans  were  victimized  between  June  2002  and  June 
2003,  an  almost  80%  increase  over  the  previous  year’s  Gartner  survey. 

But  here’s  the  good  news:  It’s  virtually  inconceivable  —  at  least  to  me  —  that 
these  figures  accurately  reflect  reality.  In  fact,  it  appears  unlikely  they're  even  in 
the  ballpark. 

It's  important  to  understand  that  Gartner  is  not  talking  about  simple  credit 
card  fraud:  “With  identity  theft,  a  thief  takes  over  a  consumer’s  entire  identity 
by  stealing  critical  private  information,  such  as  the  Social  Security  number, 
driver's  license  number,  address,  credit  card  number  or  bank  account  number," 
Gartner  says.  “The  thief  can  then  use  the  stolen  information  to  obtain  illegal 
loans  or  credit  lines  to  buy  goods  and  services  under  the  stolen  name." 

Gartner’s  data  would  have  us  believe  that  3.4%  of  U.S.  adults  —  again,  7  mil¬ 
lion  people  —  were  so  victimized  in  just  one  year. 

However,  the  FederalTrade  Commission’s  clearinghouse  for  identity-theft  infor¬ 
mation  reports  having  logged  about  162,000  such  complaints  last  year  from  vari¬ 
ous  sources.The  FTC  site  states  upfront  that  this  is  not  an  all-inclusive  count, 
but  it  would  have  to  be  considered  completely  irrelevant  —  as  in  accounting  for 


only  1  in  every  43  such  crimes  —  if  the  Gartner  survey  reflects  reality. 

According  to  figures  from  the  National  Crime  Victimization  Survey  posted  on 
the  Justice  Department's  Web  site,  "In  2001,  U.S.  residents  age  12  or  older  experi¬ 
enced  approximately  24.2  million  crimes"  of  all  types.  About  5.7  million  were  vio¬ 
lent,  so  let's  back  them  out  of  the  total,  along  with  a  few  million  for  the  12-to-18 
crowd  that  Gartner  isn’t  counting.  (We’re  also  looking  at  2001  numbers,  but  they 
ought  not  to  have  increased  dramatically  since  they  are  overall  crime  figures.) 

If  you  take  both  the  Justice  Department  and  Gartner  numbers  at  face  value  it 
means  that  roughly  half  of  all  non-violent  crime  is  identity  theft. 

Anyone  buy  that? 

“The  survey  methodology  and  question  set  were  sound,”  says  Avivah  Litan, 
the  Gartner  analyst  who  authored  the  report.  "The  numbers  are  an  accurate 
reflection  of  those  who  believe  they  have  been  victimized  by  identity  theft  in 
the  past  12  months.” 

Perhaps  there’s  an  answer  to  the  puzzle  in  the  word  “believe."  Maybe  people 
didn’t  read  or  properly  comprehend  the  definition  of  identity  theft,  and,  in  par¬ 
ticular,  appreciate  the  distinction  between  it  and  credit  card  fraud.  Maybe  peo¬ 
ple  didn’t  note  the  "past  12  months"  caveat. 

Who  knows?  If  everyone  could  understand  and  correctly  answer  every  ques¬ 
tion  put  to  them,  there  would  be  no  need  for  the  SATs. 

But  here’s  the  truly  scary  prospect:  What  if  the  Gartner  numbers  are  correct? 

In  that  case,  virtually  every  one  of  us  —  or  one  of  our  family  members  —  stands 
a  solid  statistical  chance  of  falling  victim  to  this  crime  within  a  few  short  years. 

In  other  words,  if  the  Gartner  data  reflects  reality,  you  can  pretty  much  kiss 
e-commerce  goodbye. 

And  don’t  forget  the  frequency  with  which  perception  becomes  reality:The 
Gartner  figures  circulated  worldwide  in  news  reports  last  week. To  the  extent 
they  create  an  erroneous  impression,  the  damage  already  has  been  done. 

Got  a  take  of  your  own?  The  address  is  buzz@nww.com. 


See  disparate  data  united. 

See  old  and  new  become  one. 
See  bits  of  data  become  insight 


Introducing  IBM  DB2  Information  Integrator  -  the  brand-new  software  that  turns  everything  in  its  path  into 


insight  and  opportunity:  rows  and  columns,  video  and  e-mail,  audio  and  Web.  It  works  wherever  your 


data  lives:  Oracle,  Microsoft  or  IBM.  It  works  in  real  time,  across  platforms:  Linux?  Windows;’  UNIX?  Insight 


is  yours.  On  demand.  Faster  than  ever.  For  a  DB2  Information  Integrator  Kit,  visit  ibm.com/db2/integrate 

((  ’business  on  demand  software 


IBM  DB2  the  e-business  logo  and  e  business  on  demand  are  registered  trademarks  or  trademarks  ol  International  Business  Machines  Corporation  in  the  United  Slates  and/or  other 
countries  Linux  is  a  registered  trademark  ol  Linus  Torvalds  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries. 
UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others 
<fc,2003  IBM  Corporation  All  rights  reserved 


Tivoli  software 


See  it  fixed  before  it’s  broken. 

See  the  problem  before  it  occurs. 
See  IT  and  business  goals  as  one. 
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Tivoli  Intelligent  Management  software.  It’s  here  now:  software  that  self-configures,  self-heals, 
self-optimizes  and  self-protects.  On  demand.  With  Tivoli,  on  demand  business  is  more  manageable 
than  ever.  You’ll  spend  less  time  worrying  about  mundane  tasks  and  more  time  on  important  things  — 
like  business  results.  For  a  customized  analysis  of  how  Tivoli  can  help  you,  visit  ibm.com/tivoli/seeit 
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logo  and  e-bustness  on  demand  are  registered  trademarks  or  trademarks  ot  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries 
All  lights  teserved. 


